www.ewm.com Open in urlscan Pro
204.232.141.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOut...
Effective URL:
https://www.ewm.com/login/
Submission: On September 04 via manual (September 4th 2023, 10:44:00 am UTC) from IN — Scanned from DE

Summary HTTP 148 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 37 domains to perform 148 HTTP transactions. The main IP is 204.232.141.225, located in Latham, United States and belongs to RACKSPACE, US. The main domain is www.ewm.com.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.

This is the only time www.ewm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 15	204.232.141.225 204.232.141.225	27357 (RACKSPACE) (RACKSPACE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3 25	2a04:4e42:200... 2a04:4e42:200::591	54113 (FASTLY) (FASTLY)
1 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	54.231.202.25 54.231.202.25	16509 (AMAZON-02) (AMAZON-02)
2	204.232.141.226 204.232.141.226	27357 (RACKSPACE) (RACKSPACE)
2	2600:9000:225... 2600:9000:2251:7800:a:6937:9340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.90.223.176 34.90.223.176	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
12	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	34.90.79.92 34.90.79.92	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
19 24	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:5a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:6a8:b2f5:a36e:3d52	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.157.147.168 35.157.147.168	16509 (AMAZON-02) (AMAZON-02)
1 1	3.121.164.104 3.121.164.104	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.59 52.222.214.59	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
4 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	52.202.141.165 52.202.141.165	14618 (AMAZON-AES) (AMAZON-AES)
1	104.64.127.92 104.64.127.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.50.102.52 52.50.102.52	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
11	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::2011	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
148	43

15 204.232.141.225 (Latham, United States) 5 redirects

ASN27357 (RACKSPACE, US)

ewm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ewm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wp.prod.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a04:4e42:200::591 (United States) 3 redirects

ASN54113 (FASTLY, US)

bt-wpstatic.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.202.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

boomtown-production-consumer-backup.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.232.141.226 (Latham, United States)

ASN27357 (RACKSPACE, US)

static.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
suggest.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:7800:a:6937:9340:93a1 (United States)

ASN16509 (AMAZON-02, US)

pages.liveby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.90.223.176 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.223.90.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.usefathom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

api.liveby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 35.204.74.118 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:6a8:b2f5:a36e:3d52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.147.168 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-147-168.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.164.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-164-104.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.141.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-141-165.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.127.92 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-127-92.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.102.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-102-52.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4210 i.simpli.fi — Cisco Umbrella Rank: 3548 um.simpli.fi — Cisco Umbrella Rank: 791	19 KB
25	fastly.net 3 redirects bt-wpstatic.freetls.fastly.net — Cisco Umbrella Rank: 150301	784 KB
15	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 34 apis.google.com — Cisco Umbrella Rank: 120	244 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 169	501 KB
11	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 227	4 KB
11	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	23 KB
11	ewm.com 5 redirects ewm.com www.ewm.com	55 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	90 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	587 KB
6	boomtownroi.com static.boomtownroi.com — Cisco Umbrella Rank: 207551 wp.prod.boomtownroi.com — Cisco Umbrella Rank: 340534 suggest.boomtownroi.com — Cisco Umbrella Rank: 237672	81 KB
5	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 386	128 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	280 B
5	google.de www.google.de — Cisco Umbrella Rank: 6457	842 B
4	liveby.com pages.liveby.com — Cisco Umbrella Rank: 171059 api.liveby.com — Cisco Umbrella Rank: 176727	29 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2328 pbid.pro-market.net — Cisco Umbrella Rank: 7450	1 KB
3	amazonaws.com boomtown-production-consumer-backup.s3.amazonaws.com — Cisco Umbrella Rank: 197998	65 KB
2	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 595
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1585	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 527 d.agkn.com — Cisco Umbrella Rank: 719	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 473	1 KB
2	usefathom.com cdn.usefathom.com — Cisco Umbrella Rank: 18663	3 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	210 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 478	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 366	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 149	571 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 395	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 857	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 776	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 584	444 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1567	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1117
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6043	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 388	140 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 561	99 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 753	238 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
148	37

	Domain	Requested by
25	bt-wpstatic.freetls.fastly.net	3 redirects www.ewm.com bt-wpstatic.freetls.fastly.net
24	um.simpli.fi	19 redirects www.ewm.com
12	connect.facebook.net	www.ewm.com wp.prod.boomtownroi.com
11	bam.nr-data.net	wp.prod.boomtownroi.com www.ewm.com
9	www.ewm.com	3 redirects www.ewm.com
8	www.googletagmanager.com	www.ewm.com
6	www.google.com	1 redirects www.ewm.com
6	www.google-analytics.com	www.ewm.com
5	js-agent.newrelic.com	wp.prod.boomtownroi.com www.ewm.com
5	www.facebook.com	www.ewm.com
5	www.google.de	www.ewm.com
5	accounts.google.com	www.ewm.com
4	apis.google.com	wp.prod.boomtownroi.com
4	wp.prod.boomtownroi.com	www.ewm.com
4	googleads.g.doubleclick.net	1 redirects www.ewm.com
4	stats.g.doubleclick.net	www.ewm.com
3	cm.g.doubleclick.net	3 redirects
3	region1.google-analytics.com	www.googletagmanager.com
3	boomtown-production-consumer-backup.s3.amazonaws.com	www.ewm.com
2	csp.withgoogle.com	www.ewm.com
2	ib.adnxs.com	1 redirects www.ewm.com
2	loadm.exelator.com	1 redirects www.ewm.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects www.ewm.com
2	api.liveby.com	www.ewm.com
2	cdn.usefathom.com	www.ewm.com
2	tag.simpli.fi	www.ewm.com
2	pages.liveby.com	www.ewm.com
2	ewm.com	2 redirects
1	fonts.gstatic.com
1	suggest.boomtownroi.com	www.ewm.com
1	us-u.openx.net	www.ewm.com
1	pixel.rubiconproject.com	www.ewm.com
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com	www.ewm.com
1	ce.lijit.com	www.ewm.com
1	bcp.crwdcntrl.net	www.ewm.com
1	stags.bluekai.com	www.ewm.com
1	sync.bfmio.com	www.ewm.com
1	pbid.pro-market.net	www.ewm.com
1	sync.intentiq.com	www.ewm.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	www.ewm.com
1	eb2.3lift.com	www.ewm.com
1	sync.1rx.io	www.ewm.com
1	s.ad.smaato.net	www.ewm.com
1	i.simpli.fi	www.ewm.com
1	www.gstatic.com	www.ewm.com
1	static.boomtownroi.com	www.ewm.com
0	sync.search.spotxchange.com Failed	www.ewm.com
148	51

This site contains links to these domains. Also see Links.

Domain
www.berkshirehathawayhs.com
www.bhhsluxurycollection.com
nethostpage.com
www.homeservicesinsurance.com
www.homeservices.com
floridasouth.phmloans.com
www.sunshinekids.org
ftgagency.com
www.facebook.com
www.instagram.com
www.twitter.com
www.linkedin.com
www.youtube.com
policies.google.com
bt-wpstatic.freetls.fastly.net
boomtownroi.com

Subject Issuer	Validity	Valid
san7.ewm.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-05` - `2024-03-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.boomtownroi.com Go Daddy Secure Certificate Authority - G2	`2022-10-21` - `2023-11-22`	a year	crt.sh
*.liveby.com Amazon RSA 2048 M01	`2023-03-01` - `2024-01-22`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.usefathom.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
api.liveby.com Amazon RSA 2048 M01	`2023-03-02` - `2023-12-17`	10 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-13` - `2023-09-11`	3 months	crt.sh
wp.prod.boomtownroi.com R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.ewm.com/login/
Frame ID: 835B5D6A679390C155DDF67C25D0E73F
Requests: 114 HTTP requests in this frame

Frame: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Frame ID: 3B3DE59E99EEB4FE12FE7319C18197CA
Requests: 7 HTTP requests in this frame

Frame: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Frame ID: C62FE2C78EB68440CF47C9481AED9063
Requests: 8 HTTP requests in this frame

Frame: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Frame ID: 98A4C76CF5BB4A0717AE02EDEF5B225D
Requests: 7 HTTP requests in this frame

Frame: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Frame ID: 4444B681FD116C4C9D5DAC8076AFBDA3
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?size=large&width=260&type=standard&theme=outline&shape=rectangular&text=continue_with&logo_alignment=left&client_id=147427376070-u4r3kqrga5empetkb3upj0t3fo04jv4a.apps.googleusercontent.com&iframe_id=gsi_237004_705288&as=MvA0SW2G%2BtjM53nWW7McPQ
Frame ID: 0868EADAD923D617A29B4405A134EC81
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?size=large&width=260&type=standard&theme=outline&shape=rectangular&text=continue_with&logo_alignment=left&client_id=147427376070-u4r3kqrga5empetkb3upj0t3fo04jv4a.apps.googleusercontent.com&iframe_id=gsi_237009_523126&as=MvA0SW2G%2BtjM53nWW7McPQ
Frame ID: 3D25869138B410A875118DFEE568D7FA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berkshire Hathaway HomeServices EWM Realty

Page URL History Show full URLs

http://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2ph... HTTP 308
https://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2ph... HTTP 301
https://www.ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2ph... HTTP 302
https://www.ewm.com/myaccount/?VisitorID=3469030341&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2... HTTP 301
https://www.ewm.com/account/?VisitorID=3469030341&amp%3BVh=K0aclY4nVI4ZkTV0bxaxZsrStR%2FBKeMiEq2... HTTP 302
https://www.ewm.com/login/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js
accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

148
Requests

84 %
HTTPS

44 %
IPv6

37
Domains

51
Subdomains

43
IPs

7
Countries

2817 kB
Transfer

9225 kB
Size

32
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.berkshirehathawayhs.com/EWM-Realty-FL317
Title: Global Property Search

Search URL Search Domain Scan URL

URL: http://www.bhhsluxurycollection.com/
Title: Global Luxury Property Search

Search URL Search Domain Scan URL

URL: https://nethostpage.com/sites/ewm/careers/
Title: Become An Associate

Search URL Search Domain Scan URL

URL: https://www.homeservicesinsurance.com/
Title: Home and Auto Insurance

Search URL Search Domain Scan URL

URL: http://www.homeservices.com/
Title: HomeServices of America

Search URL Search Domain Scan URL

URL: https://floridasouth.phmloans.com/
Title: Mortgage

Search URL Search Domain Scan URL

URL: http://www.sunshinekids.org/
Title: Sunshine Kids Foundation

Search URL Search Domain Scan URL

URL: https://ftgagency.com/
Title: Title & Closing Services

Search URL Search Domain Scan URL

URL: http://www.facebook.com/BHHSEWMRealty

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ewmrealty/

Search URL Search Domain Scan URL

URL: http://www.twitter.com/BHHSEWMRealty

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ewm-realty-international?trk=company_logo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ewmrealtors

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/03/BHHS-Website-Privacy-Policy-Effective-Date-6-2019-rev-03.02.23-88b722cc0fe3d38847ca25eb2476845af925f3b5.pdf
Title: Berkshire Hathaway HomeServices EWM Realty Privacy Policy

Search URL Search Domain Scan URL

URL: https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/08/Terms-and-Conditions-of-Use-EWM-08.2023-36dba4b43abe9db0727ceb15becb8fc93ef65858.pdf
Title: Berkshire Hathaway HomeServices EWM Realty Terms of Use

Search URL Search Domain Scan URL

URL: https://boomtownroi.com/?utm_campaign=ewm.com&utm_medium=bt_client_site_referral&utm_source=client_sites
Title: © 2023

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771 HTTP 308
https://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771 HTTP 301
https://www.ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771 HTTP 302
https://www.ewm.com/myaccount/?VisitorID=3469030341&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771 HTTP 301
https://www.ewm.com/account/?VisitorID=3469030341&amp%3BVh=K0aclY4nVI4ZkTV0bxaxZsrStR%2FBKeMiEq2pheoWLQ0%3D&amp%3BOptOutEmail=true&amp%3Beid=679956771 HTTP 302
https://www.ewm.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png

Request Chain 38

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2022/05/equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/05/equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png

Request Chain 64

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png

Request Chain 69

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 70

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 71

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=81A9404E76F346C4A8DA4355F0DD2ABE&dongle=yf3

Request Chain 72

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 73

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=81A9404E76F346C4A8DA4355F0DD2ABE HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 74

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=81A9404E76F346C4A8DA4355F0DD2ABE HTTP 302
https://d.agkn.com/pixel/10751/?che=1693824234962&ip=217.114.215.131&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217043104629001840889 HTTP 302
https://um.simpli.fi/aa_px?sk=217043104629001840889 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 75

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 78

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=81A9404E76F346C4A8DA4355F0DD2ABE;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=81A9404E76F346C4A8DA4355F0DD2ABE;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTI0NDE5MDgzNDk5MzkwMDQ0NzQ= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEM6607c7RNnJnxR0d_uN6cc&google_cver=1

Request Chain 79

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=81A9404E76F346C4A8DA4355F0DD2ABE&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=81A9404E76F346C4A8DA4355F0DD2ABE&j=0&xl8blockcheck=1

Request Chain 81

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 82

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 83

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 84

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 85

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 86

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1693824234518&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6rT1ZMXmNb6qxdwPlqq_-Ag&sscte=1&crd=CKK4sQI&pscrd=IhMIxYPU_uKQgQMVPlWRBR0W1Q-P HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMIxYPU_uKQgQMVPlWRBR0W1Q-P&is_vtc=1&ocp_id=6rT1ZMXmNb6qxdwPlqq_-Ag&cid=CAQSKQBpAlJWzCpxH4R0wfxiOoxn3haoU2wGns81iqhPyLYYV5Xe_pMq7DfT&random=3414353693 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMIxYPU_uKQgQMVPlWRBR0W1Q-P&is_vtc=1&ocp_id=6rT1ZMXmNb6qxdwPlqq_-Ag&cid=CAQSKQBpAlJWzCpxH4R0wfxiOoxn3haoU2wGns81iqhPyLYYV5Xe_pMq7DfT&random=3414353693&ipr=y

Request Chain 87

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 88

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=81A9404E76F346C4A8DA4355F0DD2ABE HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 89

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=81A9404E76F346C4A8DA4355F0DD2ABE&expires=365

Request Chain 90

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=81A9404E76F346C4A8DA4355F0DD2ABE

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESENEavLBtdQaNhnuksft79jc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=81A9404E76F346C4A8DA4355F0DD2ABE HTTP 302
https://um.simpli.fi/g_match?id=

148 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ewm.com/login/
Redirect Chain

http://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771
https://ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771
https://www.ewm.com/myaccount/?ContactID=82799045&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771
https://www.ewm.com/myaccount/?VisitorID=3469030341&Vh=K0aclY4nVI4ZkTV0bxaxZsrStR%2fBKeMiEq2pheoWLQ0%3d&OptOutEmail=true&eid=679956771
https://www.ewm.com/account/?VisitorID=3469030341&amp%3BVh=K0aclY4nVI4ZkTV0bxaxZsrStR%2FBKeMiEq2pheoWLQ0%3D&amp%3BOptOutEmail=true&amp%3Beid=679956771
https://www.ewm.com/login/

174 KB
43 KB

445ms
444ms

Document
text/html

204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

a4bebed9c403be9df46146e0d22cf7b6483698bedd5bc7020bfe99a469413e31

Security Headers

Name	Value
Content-Security-Policy	*
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: *
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 10:43:53 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: no-cache
content-security-policy: *
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 10:43:53 GMT
location: /login/
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
x-content-type-options: nosniff
x-redirect-by: WordPress

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 245ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 09:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3571
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Sep 2023 11:44:23 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 252ms
30ms Script
text/javascript 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 08:52:24 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6690
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Mon, 04 Sep 2023 10:52:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 104ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2113WW5W

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

162a5eaa00ec85a17db0a8b956fbc5e9e2f57d2c8b25dec65e29a7fbb16fd9ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 btga4.js Show response
www.ewm.com/wp-content/plugins/bt-google-analytics/resources/javascript/ 6 KB
1 KB 129ms
129ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewm.com/wp-content/plugins/bt-google-analytics/resources/javascript/btga4.js?v=2

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad9d41135bd62ce6addeb923be888442f748f9d4f05a0882e27d5749acae43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:53 GMT
content-encoding: gzip
surrogate-key: assets
last-modified: Wed, 23 Aug 2023 13:26:13 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
etag: W/"64e608f5-1968"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Wed, 04 Oct 2023 10:43:53 GMT

GET
H2 200 jquery.bxslider.css
bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/includes/libraries/bxslider-4/dist/ 4 KB
1 KB 246ms
24ms Stylesheet
text/css 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/includes/libraries/bxslider-4/dist/jquery.bxslider.css
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 60b04299bc904d73c55d87ef6351383918bb808b05380fe8e7787af72d53d243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 415140
x-cache: HIT
content-length: 1124
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Mon, 02 Dec 2019 20:03:09 GMT
server: nginx
x-timer: S1693824234.069295,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"5de56dfd-f60"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 testimonials-widget.css
bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/assets/css/ 3 KB
730 B 246ms
25ms Stylesheet
text/css 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget.css
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 130003
x-cache: HIT
content-length: 624
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Mon, 14 Oct 2019 19:17:30 GMT
server: nginx
x-timer: S1693824234.069276,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"5da4c9ca-a1a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 style.min.css
bt-wpstatic.freetls.fastly.net/wp-includes/css/dist/block-library/ 79 KB
11 KB 268ms
47ms Stylesheet
text/css 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 113472
x-cache: HIT
content-length: 10523
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 06 Apr 2023 20:39:25 GMT
server: nginx
x-timer: S1693824234.069612,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 bt-testimonials.frontend.e0fb56d7.min.css
www.ewm.com/wp-content/build/plugins/ 9 KB
2 KB 130ms
129ms Stylesheet
text/css 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewm.com/wp-content/build/plugins/bt-testimonials.frontend.e0fb56d7.min.css

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

afb22929459f47664cc10ab35232bc2b231481cb6643a284dc0e1caeee156f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31535400; includeSubDomains; preload;
last-modified: Wed, 31 Aug 2022 15:16:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Wed, 04 Oct 2023 10:43:53 GMT

GET
H2 200 base-theme.7e532d07.min.css
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/ 554 KB
90 KB 246ms
25ms Stylesheet
text/css 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d291afe2e3148def72cd71728e4acce52170c6fa1cb1e4405a3afe19aac54b89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 69474
x-cache: HIT
content-length: 91859
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Fri, 30 Jun 2023 14:06:37 GMT
server: nginx
x-timer: S1693824234.069222,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"649ee16d-8a701"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 manifest.7ecd6199.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/build/ 2 KB
927 B 246ms
25ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/manifest.7ecd6199.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c165d7bdcae3acbb1769917e45538025d526f2145ef926b851def47c1fe9845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1419143
x-cache: HIT
content-length: 818
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Wed, 15 Mar 2023 14:10:50 GMT
server: nginx
x-timer: S1693824234.069213,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 regenerator-runtime.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/ 6 KB
2 KB 246ms
25ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 38982
x-cache: HIT
content-length: 2398
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 06 Apr 2023 20:39:25 GMT
server: nginx
x-timer: S1693824234.069188,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 wp-polyfill.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/ 16 KB
6 KB 294ms
73ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2028391
x-cache: HIT
content-length: 6031
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 06 Apr 2023 20:39:27 GMT
server: nginx
x-timer: S1693824234.084723,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1014

GET
H2 200 jquery-3-6-0-migrate-3.4.0.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/lib/jquery/ 101 KB
34 KB 268ms
47ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/lib/jquery/jquery-3-6-0-migrate-3.4.0.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12b4b3d3e75063715e88c3ea4df748c6b57c1de49ac6c8291dc333459f5e9f04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 242332
x-cache: HIT
content-length: 34937
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Tue, 26 Jul 2022 14:00:54 GMT
server: nginx
x-timer: S1693824234.069185,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"62dff396-19224"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 vendor.bundle.63bd000a.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/build/ 343 KB
100 KB 246ms
26ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/vendor.bundle.63bd000a.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c0d144432b6d24a195bdebab10fc83d01d9f3403326accd6537cf93020ad658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 992018
x-cache: HIT
content-length: 102420
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Wed, 15 Mar 2023 14:10:56 GMT
server: nginx
x-timer: S1693824234.069154,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 escape-html.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 2 KB
852 B 294ms
73ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/escape-html.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7888ffcea333c718549f8cca260ec422d5ad5583d6cb32c049f61b57ecc395f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1313636
x-cache: HIT
content-length: 766
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 06 Apr 2023 20:39:25 GMT
server: nginx
x-timer: S1693824234.084701,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 element.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 9 KB
3 KB 293ms
73ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/element.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 152912e109dc49161717407bccb672669982e04a35df96afa574533c15a1950a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2098994
x-cache: HIT
content-length: 3491
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 06 Apr 2023 20:39:25 GMT
server: nginx
x-timer: S1693824234.084723,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 core-components.1e6d6953.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/build/core/ 253 KB
60 KB 293ms
73ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/core/core-components.1e6d6953.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5690d9f5745b42e9c6f76d6941ef4f7e689b3fa7c0e8575d5a7e509a34a692f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 546208
x-cache: HIT
content-length: 60835
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Wed, 15 Mar 2023 14:10:51 GMT
server: nginx
x-timer: S1693824234.084690,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 98ms
34ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 835
x-xss-protection: 1; mode=block
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H/1.1

200
OK

new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png

29 KB
29 KB

362ms
131ms

Image
image/png

54.231.202.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Server: 54.231.202.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c178741a34e6c29013714d1b48ba987fbda1fd0570b3a0ff7e505ca3d3b99f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 10:43:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2023 14:51:43 GMT
Server: AmazonS3
x-amz-request-id: 110MWCXKW893VS86
ETag: "9f1ce2e2aab0e62fa08b26de461fb605"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29383
x-amz-id-2: HK8QEYIgDmRv63IQQMzhDOOXsQUKZhRbPdzUIf4bACmTCDyzjjv21dbrMcoJsT4fDcJRUzhpH7o=

Redirect headers

x-served-by: cache-fra-eddf8230055-FRA
date: Mon, 04 Sep 2023 10:43:54 GMT
via: 1.1 varnish
server: nginx
age: 3718
x-timer: S1693824234.196095,VS0,VE1
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-cache: HIT
content-type: text/html
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 138
x-cache-hits: 1

GET
H/1.1 200
OK idx-large.gif
static.boomtownroi.com/content/photos/rmls/idx/ 2 KB
2 KB 692ms
123ms Image
image/gif 204.232.141.226
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.boomtownroi.com/content/photos/rmls/idx/idx-large.gif
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.232.141.226 Latham, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 401c8521e1f8c0b39886b50c8a0194de9edb0ecaea0c14b54a37de9f22959238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
last-modified: Thu, 21 May 2020 15:08:36 GMT
server: Microsoft-IIS/10.0
etag: "63829cb3812fd61:0"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2121
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 boomtown-footer.webp
www.ewm.com/wp-content/themes/wp-base-theme/assets/media/build/ 1 KB
2 KB 131ms
129ms Image
image/webp 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewm.com/wp-content/themes/wp-base-theme/assets/media/build/boomtown-footer.webp

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

690f7a6b191bb9b1882d5b31832ae7f1712f9c32aa6f12631eb14b1a3cd33dc3

Security Headers

Name	Value
Content-Security-Policy	*
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-security-policy: *
x-content-type-options: nosniff
strict-transport-security: max-age=31535400; includeSubDomains; preload;
last-modified: Mon, 19 Dec 2022 14:41:00 GMT
server: nginx
etag: "63a077fc-514"
content-type: image/webp
cache-control: no-cache
accept-ranges: bytes
content-length: 1300

GET
H2 200 liveby.js Show response
pages.liveby.com/ 101 KB
27 KB 154ms
24ms Script
application/javascript 2600:9000:2251:7800:a:6937:9340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.liveby.com/liveby.js?id=ewm
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7800:a:6937:9340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2464da84eb0e41e94465d82bb4b613cfca1e385d5c037789bf7e16b354e7b774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 20:11:17 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 19:43:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 52426
x-amz-server-side-encryption: AES256
etag: W/"d2db713c3366796ede0d99014055ee58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NSMTHsdJCHZMhjih9Dmf40xBwwi63foO6OGuJXqNLCZiwjsliO7-pw==

GET
H2 200 e319ffd0-ab33-0137-5a25-06659b33d47c Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 99ms
29ms Script
application/javascript 34.90.223.176
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/e319ffd0-ab33-0137-5a25-06659b33d47c

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.223.176 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

176.223.90.34.bc.googleusercontent.com

Software

Resource Hash

7d8612b7632809e93dec66fee62d688a8cd5d1f7a69b1f6bd3b4b7e6ca7ea0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: F4GsKrN4qqErIqOzYCqB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 d737d130-d1c3-0137-5e44-06659b33d47c Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 100ms
30ms Script
application/javascript 34.90.223.176
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/d737d130-d1c3-0137-5e44-06659b33d47c

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.223.176 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

176.223.90.34.bc.googleusercontent.com

Software

Resource Hash

7d8612b7632809e93dec66fee62d688a8cd5d1f7a69b1f6bd3b4b7e6ca7ea0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: F4GsKrN6Ywqo92o8RXiD
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 134ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670219055

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9232b966f8ac6e6e4218ca699a1f876be4165f46609c165b99d431f51883564c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71543
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 194 KB
76 KB 150ms
90ms Script
application/javascript 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

579edb00a4fa4bf0113dad8ec527482c6427606d1173ebefad5c22bf69f878a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LVcIq4t8qH6J2rGr4WFyUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-LVcIq4t8qH6J2rGr4WFyUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 glogin.js Show response
www.ewm.com/wp-content/plugins/bt-google-login/resources/javascript/onetap/ 5 KB
1 KB 132ms
130ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewm.com/wp-content/plugins/bt-google-login/resources/javascript/onetap/glogin.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

15d906d94b7586d223b18a6887608b89a096e8907fbf70cf74e3e76dd122c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
surrogate-key: assets
last-modified: Wed, 22 Feb 2023 15:18:09 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
etag: W/"63f63231-1266"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Wed, 04 Oct 2023 10:43:54 GMT

GET
H2 200 bt-testimonials.frontend.5f0d4557.min.js Show response
www.ewm.com/wp-content/build/plugins/ 7 KB
3 KB 129ms
128ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewm.com/wp-content/build/plugins/bt-testimonials.frontend.5f0d4557.min.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

2003fc07084ad7f3b2805ebae45f9c10101df5c259c848e2a51275271af43285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31535400; includeSubDomains; preload;
last-modified: Wed, 15 Mar 2023 14:10:50 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
expires: Wed, 04 Oct 2023 10:43:54 GMT

GET
H2 200 manifest.10038b63.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 4 KB
2 KB 23ms
20ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/manifest.10038b63.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a338756f66dec80cfdbf3d8a92bdd560a35d14dd3e2da25454c8b5c8f14163ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 122193
x-cache: HIT
content-length: 1928
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Fri, 09 Jun 2023 18:25:37 GMT
server: nginx
x-timer: S1693824234.194393,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"64836ea1-f77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 deps.87584fde.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 607 KB
176 KB 27ms
24ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/deps.87584fde.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 213ae4a2bbb6edcec9263dc258b3e046878fbb0147f798d5bbfad5df45097a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 69523
x-cache: HIT
content-length: 180228
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 16 Mar 2023 15:47:56 GMT
server: nginx
x-timer: S1693824234.196298,VS0,VE1
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"64133a2c-97bac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 components.7e532d07.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 1 MB
223 KB 30ms
27ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/components.7e532d07.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c76ca80878c2bc17ac3ba7e13279078e58ace7171cc1b95de03cbe339364285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 28607
x-cache: HIT
content-length: 228417
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Fri, 30 Jun 2023 14:06:37 GMT
server: nginx
x-timer: S1693824234.196098,VS0,VE2
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"649ee16d-147125"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.2b63026d.min.js
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 0
45 KB 24ms
21ms Other
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/details.2b63026d.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 69518
x-cache: HIT
content-length: 45540
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Fri, 09 Jun 2023 18:25:43 GMT
server: nginx
x-timer: S1693824234.196081,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"64836ea7-3b4d6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 results-gallery.0fe208be.min.js
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 0
9 KB 23ms
21ms Other
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/results-gallery.0fe208be.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 415137
x-cache: HIT
content-length: 8911
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 16 Mar 2023 15:47:53 GMT
server: nginx
x-timer: S1693824234.196068,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"64133a29-7ba9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 124 KB
48 KB 38ms
36ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-M8C4ZPS&cid=1296331048.1693824234

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f35ad5fb6aaa1fa0a027ccd28843a6329e0c426ad40181f39ccd07454549849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49349
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
79 KB 128ms
99ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BDFQV

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8d471528933066beebd210aba1e63a0c55a0c13dc29fa549193800dfcad0c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80668
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 92df6940133169e4e383416c02bfb28e-fa-solid-900.woff
bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/ 6 KB
6 KB 74ms
23ms Font
application/font-woff 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/92df6940133169e4e383416c02bfb28e-fa-solid-900.woff
Requested by: Host: bt-wpstatic.freetls.fastly.net
URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d9920c945af94bbf49a05492579854a6a97c4ddf22ce58be50165d238cb9ffd

Request headers

Referer: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Origin: https://www.ewm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 730286
x-cache: HIT
content-length: 5693
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 16 Nov 2022 16:37:15 GMT
server: nginx
x-timer: S1693824234.298665,VS0,VE1
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 92df6940133169e4e383416c02bfb28e-fa-regular-400.woff
bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/ 6 KB
6 KB 75ms
24ms Font
application/font-woff 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/92df6940133169e4e383416c02bfb28e-fa-regular-400.woff
Requested by: Host: bt-wpstatic.freetls.fastly.net
URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de22013b68779c5df28bb2aa0d882e37a25355d137d961cf58051e85b568a5e8

Request headers

Referer: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Origin: https://www.ewm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 22642
x-cache: HIT
content-length: 6532
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 16 Nov 2022 16:37:20 GMT
server: nginx
x-timer: S1693824234.298781,VS0,VE1
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 d0b8577c047ea9719e1a7ccbb85d8788-fa-brands-400.woff
bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/ 2 KB
2 KB 73ms
23ms Font
application/font-woff 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/d0b8577c047ea9719e1a7ccbb85d8788-fa-brands-400.woff
Requested by: Host: bt-wpstatic.freetls.fastly.net
URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dbf6e49525bb130e0c98c022d0aab07510b285a9dd9e9b1904efa4eac6b2adcd

Request headers

Referer: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.7e532d07.min.css
Origin: https://www.ewm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 965100
x-cache: HIT
content-length: 2169
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Fri, 01 Apr 2022 14:01:04 GMT
server: nginx
x-timer: S1693824234.298660,VS0,VE1
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1

200
OK

equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/05/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2022/05/equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/05/equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png

6 KB
7 KB

354ms
142ms

Image
image/png

54.231.202.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/05/equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Server: 54.231.202.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf3734dfb134a92f0c6fd2ae65b43b3ae05c3e945a7c96dffff23b95925dd67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 10:43:55 GMT
x-amz-version-id: null
Last-Modified: Tue, 24 May 2022 20:55:21 GMT
Server: AmazonS3
x-amz-request-id: 110X3AZFG8NRBZ36
ETag: "70afe73310f1959585ac1d7953d0806f"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6380
x-amz-id-2: TlveOxTSHHeKks6DYcLi9l8kjec9RNdPPoW9xga1dabaWS8ng58ktphZDVZ90uuigIyfvfJHlB0=

Redirect headers

x-served-by: cache-fra-eddf8230055-FRA
date: Mon, 04 Sep 2023 10:43:54 GMT
via: 1.1 varnish
server: nginx
age: 3718
x-timer: S1693824234.268881,VS0,VE1
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-cache: HIT
content-type: text/html
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/05/equal-housing-png-logo-5010-a940de7da43325c69cac75468151790ceab4d6d2-300x246.png
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 138
x-cache-hits: 1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 30ms
30ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1636846530&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEADQAAAACAAI~&jid=1634353996&gjid=1296382810&cid=1296331048.1693824234&uid=3469070381&tid=UA-139148254-1&_gid=1301675964.1693824234&_slc=1&cd4=unregistered&cd11=3469070381&z=1542039186

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5734967e3d637b206f75eac14c4e4d1c1143a293c827a8fc680dc29feedabce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
205 B 30ms
30ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-139148254-1&cid=1296331048.1693824234&jid=1634353996&uid=3469070381&gjid=1296382810&_gid=1301675964.1693824234&_u=KGDAgEADQAAAAGAAI~&z=682895113

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 29ms
29ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1636846530&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEADQAAAAGAAI~&jid=1582956592&gjid=1720185513&cid=1296331048.1693824234&uid=3469070381&tid=UA-139148254-2&_gid=1301675964.1693824234&_slc=1&cd4=unregistered&cd11=3469070381&z=751809931

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e0ca95529ce0c9b0391ae03c2b475fb31594ed999de8dbf27fbff4233f395603

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 30ms
30ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-139148254-2&cid=1296331048.1693824234&jid=1582956592&uid=3469070381&gjid=1720185513&_gid=1301675964.1693824234&_u=KGDAgEADQAAAAGAAI~&z=1785956517

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 83ms
82ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2113WW5W&l=dataLayer&cx=c

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b456ba9b3ac02da4cbea29cd79dc5ab14e76ecb13c405f069a5887ba8ea8e356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1050553015&l=dataLayer&cx=c

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ee958b0faf4fa6b02172eb50c28ee33d318278b3d9c6d4cb777af1daafafe88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55747
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 454 KB
183 KB 79ms
22ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ewm.com/
Origin: https://www.ewm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 09:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 09:22:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WJZQKH5W34&cx=c&_slc=1

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8591c6ef010c426008ed0009be1fd1b9a1cee6772210dd8ed2f55aa01098dfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
82 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6YGHGHC8EM&cx=c&_slc=1

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5da2bddb10a6d4014004e9fcdd97abad0de9475e9ffe1260672a63d2e6893fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 10:43:54 GMT

GET
H2 200 script.js Show response
cdn.usefathom.com/ 6 KB
2 KB 140ms
33ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefathom.com/script.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-vapor-base64-encode: True
cdn-cachedat: 08/31/2023 17:57:06
cdn-pullzone: 506217
last-modified: Tue, 25 Jul 2023 16:46:29 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: d2ee94a669577a439cc66d5f181c3b10
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pages Show response
api.liveby.com/v1/ 2 B
472 B 449ms
348ms Fetch
application/json 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.liveby.com/v1/pages?id=ewm&ref=%2Flogin%2F
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amzn-requestid: bf17f9f5-3183-4dd1-9742-dd37949e0dda
x-amzn-trace-id: Root=1-64f5b4ea-2a16aff8522a893e549322f5;Sampled=0;lineage=e5050681:0
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: 'max-age=120'
access-control-allow-credentials: true
x-amz-apigw-id: Kuk0uHv1iYcFQbw=
content-length: 22
x-amz-cf-id: GE3ue5cjHd9tErsycvbYVyYDLeS1UR-WCTlKi2kqBz1IIQpVJSTGdw==

GET
H2 200 main.css
pages.liveby.com/static/css/ 5 KB
2 KB 22ms
20ms Stylesheet
text/css 2600:9000:2251:7800:a:6937:9340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.liveby.com/static/css/main.css?cb=1
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7800:a:6937:9340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6148a36fd1e27b3ab1462617b052a2c52bebcafe31a79fc7f10612d249473d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 20:11:17 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 15:41:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 52423
x-amz-server-side-encryption: AES256
etag: W/"de78a3c234da1df471ef2012929a6b89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: T76MkPE3q40eUOV8SteejRT3pd10SVf8knXjvMGdspotEY-j3jIf0Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: EMJUuSBeSxmpitjAKF5DWm8ky4JGCBjiaBowoi/7b0WkMHxzNUK4p4BYiFIQl2RyBO/F2IHtoOZWvdc1cxdSLw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670219055&l=dataLayer&cx=c

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37167aa3ae8dc4dea4743662343ce40e01cbf8b42d714166decee44166f3411c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71551
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 10:43:54 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SK2113WW5W&gtm=45je38u0&_p=1636846530&cid=1296331048.1693824234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693824234&sct=1&seg=0&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK2113WW5W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 798 B
1 KB 116ms
29ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=38669&cb=sifi_att_42656._hp

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

16fa5ecb9cf8d2c5d3d4f11f4736b8c7ef035eae9f3a063ad509dcd76816d3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1050553015/ 3 KB
2 KB 112ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1050553015/?random=1693824234580&cv=11&fst=1693824234580&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&hn=www.googleadservices.com&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&auid=2118137376.1693824235&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9723615e5d00cc5d51182b759cbc0b111c1eff2e5b639a68f76d0f0fed314a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/670219055/ 3 KB
1 KB 90ms
65ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/670219055/?random=1693824234606&cv=11&fst=1693824234606&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&hn=www.googleadservices.com&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&auid=2118137376.1693824235&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f32c26b55ab2d987674f199216d483b62215792b46c7b0d12bb72538da6f50e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
29ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1636846530&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAGAAI~&jid=1742992374&gjid=109780289&cid=1296331048.1693824234&tid=UA-22147283-3&_gid=1301675964.1693824234&_r=1&_slc=1&gtm=45He38u0n715BDFQV&cd4=&cd1=4494581372&cd2=0&cd6=porthole-offset&cd13=0&cd18=3469070381&cd43=5902&z=2049246138

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 09:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3571
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Sep 2023 11:44:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WJZQKH5W34&gtm=45je38u0&_p=1636846530&ul=en-us&sr=1600x1200&cid=1296331048.1693824234&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&uid=3469070381&sid=1693824234&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=unregistered&ep.ua_dimension_11=3469070381
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WJZQKH5W34&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
wp.prod.boomtownroi.com/fb-authenticator/ Frame 3B3D 56 KB
19 KB 743ms
284ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

46f457b7433f17ba0874341229ec97366bb8ff2643dcbb72c1f6cb6a2a3987b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Referer: https://www.ewm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 10:43:55 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
wp.prod.boomtownroi.com/fb-authenticator/ Frame C62F 56 KB
19 KB 630ms
172ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

0812969dd9085ca01a9dbc4f4dff07a50ac293f388885b903aa5d7904da24ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Referer: https://www.ewm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 10:43:55 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2 200 desktopSaveSearchModal.937c8dcd.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 6 KB
3 KB 21ms
21ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/desktopSaveSearchModal.937c8dcd.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d44fb209870cd41ee960ad827e9dff120b004446e9e9627c512a5cf3a74f49e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 415137
x-cache: HIT
content-length: 2610
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 16 Mar 2023 15:47:58 GMT
server: nginx
x-timer: S1693824235.707573,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"64133a2e-19c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 login.01365ef2.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 3 KB
1 KB 29ms
29ms Script
application/javascript 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/login.01365ef2.min.js
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f23d08c846fb664bca50db56950e5954a074df35fa3b5e80ec8c773149ed853c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 412464
x-cache: HIT
content-length: 1168
x-served-by: cache-fra-eddf8230055-FRA
last-modified: Thu, 16 Mar 2023 15:47:56 GMT
server: nginx
x-timer: S1693824235.719296,VS0,VE8
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"64133a2c-aa8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1

200
OK

new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png

29 KB
29 KB

114ms
114ms

Image
image/png

54.231.202.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Server: 54.231.202.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c178741a34e6c29013714d1b48ba987fbda1fd0570b3a0ff7e505ca3d3b99f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 10:43:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2023 14:51:43 GMT
Server: AmazonS3
x-amz-request-id: 110XRXXRJRWV3FY5
ETag: "9f1ce2e2aab0e62fa08b26de461fb605"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29383
x-amz-id-2: BKYzIv8KqWG2dXtrdnJgVrUZIX2dvXPwvmJI1LTb8guwABOCsPesNuUeaMiXmdguJJKoqSmaN/4=

Redirect headers

x-served-by: cache-fra-eddf8230055-FRA
date: Mon, 04 Sep 2023 10:43:54 GMT
via: 1.1 varnish
server: nginx
age: 3719
x-timer: S1693824235.724292,VS0,VE0
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-cache: HIT
content-type: text/html
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
access-control-allow-origin: *
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 138
x-cache-hits: 2

GET
H2 200 202599653819082 Show response
connect.facebook.net/signals/config/ 149 KB
39 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/202599653819082?v=2.9.125&r=stable&domain=www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2cbe7dfc9933685994e551fa17f15876b0ca24de6fb2d5a4c58a75a1f0fe651d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39052
x-xss-protection: 0
pragma: public
x-fb-debug: 21BbNO62xkEiwXOcWzjkFwW4JiAl7GkARVaSyHlmnCC+a06u2Tg+XGMZ5/x1xLop9pgkZr8RXCudRwRkfCvPHg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6YGHGHC8EM&gtm=45je38u0&_p=1636846530&ul=en-us&sr=1600x1200&cid=1296331048.1693824234&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&uid=3469070381&sid=1693824234&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=unregistered&ep.ua_dimension_11=3469070381
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6YGHGHC8EM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
30ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22147283-3&cid=1296331048.1693824234&jid=1742992374&gjid=109780289&_gid=1301675964.1693824234&_u=aGDAAEADQAAAAGAAI~&z=1492132467

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cdn.usefathom.com/ 43 B
427 B 1984ms
1983ms Image
image/gif 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.usefathom.com/?h=https%3A%2F%2Fwww.ewm.com&p=%2Flogin%2F&r=&sid=ZGTWRZTY&qs=%7B%7D&cid=29840184
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/04/2023 10:43:56
cdn-pullzone: 506217
content-length: 43
pragma: no-cache
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: fae3bbc078346badc4361fd5596d1f92
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=81A9404E76F346C4A8DA4355F0DD2ABE

0
238 B

106ms
51ms

Image
text/plain

2600:9000:211e:5a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 2600:9000:211e:5a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
cache-control: no-cache, must-revalidate
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: QH2sKLGyzcvEEkiWW0K93EJFX9SK0RLROBVnA8qBuGwpoJUb4KqQGQ==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

204

81A9404E76F346C4A8DA4355F0DD2ABE
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/81A9404E76F346C4A8DA4355F0DD2ABE

0
99 B

103ms
30ms

Image
text/plain

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/simplifi/81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.1rx.io/usersync/simplifi/81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=81A9404E76F346C4A8DA4355F0DD2ABE&dongle=yf3

37 B
140 B

81ms
24ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=81A9404E76F346C4A8DA4355F0DD2ABE&dongle=yf3
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=81A9404E76F346C4A8DA4355F0DD2ABE&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=81A9404E76F346C4A8DA4355F0DD2ABE

43 B
175 B

349ms
108ms

Image
image/gif

2600:1f18:612b:4232:6a8:b2f5:a36e:3d52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 2600:1f18:612b:4232:6a8:b2f5:a36e:3d52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 04 Sep 2023 10:43:55 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=81A9404E76F346C4A8DA4355F0DD2ABE
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=81A9404E76F346C4A8DA4355F0DD2ABE

95 B
437 B

36ms
36ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=81A9404E76F346C4A8DA4355F0DD2ABE

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=81A9404E76F346C4A8DA4355F0DD2ABE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=81A9404E76F346C4A8DA4355F0DD2ABE
https://d.agkn.com/pixel/10751/?che=1693824234962&ip=217.114.215.131&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217043104629001840889
https://um.simpli.fi/aa_px?sk=217043104629001840889
https://um.simpli.fi/empty.gif

43 B
361 B

27ms
27ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Mon, 04 Sep 2023 10:43:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=81A9404E76F346C4A8DA4355F0DD2ABE

0
0

85ms
20ms

Image
text/html

52.222.214.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 52.222.214.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-59.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 48ms
46ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 48ms
46ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=81A9404E76F346C4A8DA4355F0DD2ABE;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=81A9404E76F346C4A8DA4355F0DD2ABE;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTI0NDE5MDgzNDk5MzkwMDQ0NzQ=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEM6607c7RNnJnxR0d_uN6cc&google_cver=1

43 B
392 B

46ms
32ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEM6607c7RNnJnxR0d_uN6cc&google_cver=1
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEM6607c7RNnJnxR0d_uN6cc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=81A9404E76F346C4A8DA4355F0DD2ABE&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=81A9404E76F346C4A8DA4355F0DD2ABE&j=0&xl8blockcheck=1

0
771 B

49ms
49ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=81A9404E76F346C4A8DA4355F0DD2ABE&j=0&xl8blockcheck=1
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 04 Sep 2023 10:43:55 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=81A9404E76F346C4A8DA4355F0DD2ABE&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 54ms
52ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=81A9404E76F346C4A8DA4355F0DD2ABE

0
421 B

485ms
114ms

Image
text/plain

52.202.141.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Server: 52.202.141.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-141-165.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 04 Sep 2023 10:43:54 GMT

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=81A9404E76F346C4A8DA4355F0DD2ABE

62 B
444 B

333ms
209ms

Image
image/gif

104.64.127.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 104.64.127.92 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-127-92.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 04 Sep 2023 10:43:55 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

404

tpid=81A9404E76F346C4A8DA4355F0DD2ABE
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=81A9404E76F346C4A8DA4355F0DD2ABE

49 B
265 B

160ms
47ms

Image
image/gif

52.50.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 52.50.102.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-102-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.46
content-length: 49
expires: 0

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=81A9404E76F346C4A8DA4355F0DD2ABE

0
311 B

114ms
43ms

Image
text/plain

216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 04 Sep 2023 10:43:55 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=81A9404E76F346C4A8DA4355F0DD2ABE

0
98 B

94ms
33ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1693824234518&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
108 B

36ms
35ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMIxYPU_uKQgQMVPlWRBR0W1Q-P&is_vtc=1&ocp_id=6rT1ZMXmNb6qxdwPlqq_-Ag&cid=CAQSKQBpAlJWzCpxH4R0wfxiOoxn3haoU2wGns81iqhPyLYYV5Xe_pMq7DfT&random=3414353693&ipr=y

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=407960684&cv=7&fst=1693824234518&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=IhMIxYPU_uKQgQMVPlWRBR0W1Q-P&is_vtc=1&ocp_id=6rT1ZMXmNb6qxdwPlqq_-Ag&cid=CAQSKQBpAlJWzCpxH4R0wfxiOoxn3haoU2wGns81iqhPyLYYV5Xe_pMq7DfT&random=3414353693&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=81A9404E76F346C4A8DA4355F0DD2ABE

0
0

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=81A9404E76F346C4A8DA4355F0DD2ABE
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D81A9404E76F346C4A8DA4355F0DD2ABE

43 B
900 B

32ms
32ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D81A9404E76F346C4A8DA4355F0DD2ABE

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:55 GMT
an-x-request-uuid: b8b4c067-0042-4f07-b59f-935c6d51f1d9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.131; 217.114.215.131; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
an-x-request-uuid: e9e125ea-0b28-4263-88b6-8544b4595456
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D81A9404E76F346C4A8DA4355F0DD2ABE
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=81A9404E76F346C4A8DA4355F0DD2ABE&expires=365

0
239 B

102ms
23ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=81A9404E76F346C4A8DA4355F0DD2ABE&expires=365
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=81A9404E76F346C4A8DA4355F0DD2ABE&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=81A9404E76F346C4A8DA4355F0DD2ABE

43 B
273 B

82ms
31ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=81A9404E76F346C4A8DA4355F0DD2ABE
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=81A9404E76F346C4A8DA4355F0DD2ABE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 10:43:54 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESENEavLBtdQaNhnuksft79jc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=81A9404E76F346C4A8DA4355F0DD2ABE
https://um.simpli.fi/g_match?id=

0
320 B

27ms
27ms

Image
text/plain

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 03 Sep 2023 10:43:54 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1050553015/ 42 B
108 B 37ms
36ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1050553015/?random=1693824234580&cv=11&fst=1693821600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2951884854&rmt_tld=0&ipr=y

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1050553015/ 42 B
455 B 84ms
34ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1050553015/?random=1693824234580&cv=11&fst=1693821600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2951884854&rmt_tld=1&ipr=y

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/670219055/ 42 B
327 B 35ms
35ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/670219055/?random=1693824234606&cv=11&fst=1693821600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2558797075&rmt_tld=0&ipr=y

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/670219055/ 42 B
108 B 95ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/670219055/?random=1693824234606&cv=11&fst=1693821600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2558797075&rmt_tld=1&ipr=y

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
wp.prod.boomtownroi.com/fb-authenticator/ Frame 98A4 56 KB
20 KB 742ms
396ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

9c21a497a459949c29b81bee05998fb64b0e454a05248a4ec5654b7284d9c583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Referer: https://www.ewm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 10:43:55 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
wp.prod.boomtownroi.com/fb-authenticator/ Frame 4444 56 KB
19 KB 680ms
335ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 Latham, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

73617a34047d39283951cea9ccab5c547c0c56b42c34bac12d9e86f62f49111d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Referer: https://www.ewm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 10:43:55 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22147283-3&cid=1296331048.1693824234&jid=1742992374&_u=aGDAAEADQAAAAGAAI~&z=2372797

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 49ms
47ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22147283-3&cid=1296331048.1693824234&jid=1742992374&_u=aGDAAEADQAAAAGAAI~&z=2372797

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 990130191007447 Show response
connect.facebook.net/signals/config/ 137 KB
35 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/990130191007447?v=2.9.125&r=stable&domain=www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdb969cc7cdb556e65931ed1556c47d8b3b01cc06d0709b34523b290a6a1bb4b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36080
x-xss-protection: 0
pragma: public
x-fb-debug: Gblwg3hLcWTyu3GxMoMvEOxzZy6SYpBk4zPRggIZmXRS538e+61vRxHsn58Dl7qcUmKLLuNqrrT45JRYRsCExw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 78ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202599653819082&ev=PageView&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&rl=&if=false&ts=1693824234813&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693824234811.71508149&cs_est=true&it=1693824234728&coo=false&rqm=GET

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ldp-template Show response
api.liveby.com/v1/pages/ 2 B
470 B 375ms
375ms Fetch
application/json 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.liveby.com/v1/pages/ldp-template?clientid=ewm
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:55 GMT
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amzn-requestid: baf4fcbe-5451-43f7-b26b-9dda9ec0d4b8
x-amzn-trace-id: Root=1-64f5b4eb-132f77295c960ac00a62a77d;Sampled=0;lineage=5238436a:0
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: 'max-age=120'
access-control-allow-credentials: true
x-amz-apigw-id: Kuk0xFrZiYcF_Qg=
content-length: 22
x-amz-cf-id: oU4XIq4dJ_SkZxl4086AO-5kJ2b5-SsyCiwKXhmwpihU2xwEbrO4-A==

GET
H3 200 1089288694580993 Show response
connect.facebook.net/signals/config/ 94 KB
26 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1089288694580993?v=2.9.125&r=stable&domain=www.ewm.com

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc333e64fdf74bc4a4a00400a19b1a42b161b79f5622d56f60b8cbe6afc41708

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26522
x-xss-protection: 0
pragma: public
x-fb-debug: kPBZzujeQ3BD3J8AkyImZaLhaYvia7HbsHYKZqHr4z6D2rw2+Xgk+yEBrKqn3CWDGDExjHDWRKcwsvbwU6mgdQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 68ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990130191007447&ev=PageView&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&rl=&if=false&ts=1693824234864&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693824234811.71508149&it=1693824234728&coo=false&rqm=GET

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1089288694580993&ev=PageView&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&rl=&if=false&ts=1693824234893&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb.1.1693824234811.71508149&it=1693824234728&coo=false&rqm=GET

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Sep 2023 10:43:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK SuggestListings Show response
suggest.boomtownroi.com/1/ 2 KB
932 B 357ms
126ms Script
application/json 204.232.141.226
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.boomtownroi.com/1/SuggestListings?callback=jQuery36002500675312430132_1693824234156&tenantID=5902&q=&maxResults=15&type=all&visitorid=3469070381&_=1693824234157
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.232.141.226 Latham, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6d918b8b98044a2d418eac39d4b3d5f4a84b4b801428caebed861ce803a9bfd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:54 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: application/json; charset=utf-8
traceid: 139733861239263232
cache-control: private
content-length: 651

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202599653819082&ev=Microdata&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&rl=&if=false&ts=1693824235315&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Berkshire%20Hathaway%20HomeServices%20EWM%20Realty%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Berkshire%20Hathaway%20HomeServices%20EWM%20Realty%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ewm.com%2Flogin%2F%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693824234811.71508149&it=1693824234728&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Sep 2023 10:43:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990130191007447&ev=Microdata&dl=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&rl=&if=false&ts=1693824235365&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Berkshire%20Hathaway%20HomeServices%20EWM%20Realty%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Berkshire%20Hathaway%20HomeServices%20EWM%20Realty%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ewm.com%2Flogin%2F%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693824234811.71508149&it=1693824234728&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Sep 2023 10:43:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame C62F 57 KB
22 KB 87ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98e1802d6c84b348969c428c14b5eef73dbe33744477d92b7700b7c9777ce62

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "6cfc15e737d447ba"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 10:43:55 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 3B3D 56 KB
21 KB 64ms
50ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0805c90fe0fe15204225d68671f30843b526ceb98e22d37c4ee3b0ea064dbd05

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21839
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "955d46bfb24963d1"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 10:43:55 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 4444 57 KB
22 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98e1802d6c84b348969c428c14b5eef73dbe33744477d92b7700b7c9777ce62

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22284
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "6cfc15e737d447ba"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 10:43:55 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 98A4 56 KB
21 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0805c90fe0fe15204225d68671f30843b526ceb98e22d37c4ee3b0ea064dbd05

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21839
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "955d46bfb24963d1"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 10:43:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C62F 3 KB
2 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb2ef2cfbf185c9a47df89e245c2a27a028bc115cf39926d053e291dd016599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: OdqahxOVoheSkPbA1t8+oA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: zJweL1cGZXN6xoV7MjzMQRd0oZJ2yJABjdQs/UO8LlVlo5SorxgaAOnNptPovyJY83/zXrUeUL2FH4oza1f01w==
x-fb-content-md5: 850580452aa26295f4119975066b8547
cross-origin-opener-policy: same-origin-allow-popups
etag: "b67d2524f12b8d52a5fcbbdcdd144f1e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Sep 2023 10:50:34 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3B3D 3 KB
2 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb2ef2cfbf185c9a47df89e245c2a27a028bc115cf39926d053e291dd016599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: OdqahxOVoheSkPbA1t8+oA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: zJweL1cGZXN6xoV7MjzMQRd0oZJ2yJABjdQs/UO8LlVlo5SorxgaAOnNptPovyJY83/zXrUeUL2FH4oza1f01w==
x-fb-content-md5: 850580452aa26295f4119975066b8547
cross-origin-opener-policy: same-origin-allow-popups
etag: "b67d2524f12b8d52a5fcbbdcdd144f1e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Sep 2023 10:50:34 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C62F 302 KB
86 KB 47ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b53bb0293804402938411cd5378e806e

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1abf488fad92c4378c1f501a02c97deb2038bbb9f75e26bb005e1992f19ebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wp.prod.boomtownroi.com/
Origin: https://wp.prod.boomtownroi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: lgi1lbyH7tVxqsjaPFOTDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87478
x-fb-debug: 919aVqUYnUj0nvogeStnitfjzy+8jLRip7vmNbuGsP9It9a1AaqEm/I0L8vSSWyQdLuVTgZkZEV7lpWiBEuIqw==
x-fb-content-md5: 5fb856acb3597b4b85457d8e8fc7c2bf
cross-origin-opener-policy: same-origin-allow-popups
etag: "5b34befa4c7febce1752b29ca5ad9fff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Sep 2024 09:41:08 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 4444 3 KB
2 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb2ef2cfbf185c9a47df89e245c2a27a028bc115cf39926d053e291dd016599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: OdqahxOVoheSkPbA1t8+oA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: zJweL1cGZXN6xoV7MjzMQRd0oZJ2yJABjdQs/UO8LlVlo5SorxgaAOnNptPovyJY83/zXrUeUL2FH4oza1f01w==
x-fb-content-md5: 850580452aa26295f4119975066b8547
cross-origin-opener-policy: same-origin-allow-popups
etag: "b67d2524f12b8d52a5fcbbdcdd144f1e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Sep 2023 10:50:34 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3B3D 302 KB
86 KB 37ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b53bb0293804402938411cd5378e806e

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1abf488fad92c4378c1f501a02c97deb2038bbb9f75e26bb005e1992f19ebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wp.prod.boomtownroi.com/
Origin: https://wp.prod.boomtownroi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: lgi1lbyH7tVxqsjaPFOTDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87478
x-fb-debug: 919aVqUYnUj0nvogeStnitfjzy+8jLRip7vmNbuGsP9It9a1AaqEm/I0L8vSSWyQdLuVTgZkZEV7lpWiBEuIqw==
x-fb-content-md5: 5fb856acb3597b4b85457d8e8fc7c2bf
cross-origin-opener-policy: same-origin-allow-popups
etag: "5b34befa4c7febce1752b29ca5ad9fff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Sep 2024 09:41:08 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 98A4 3 KB
2 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb2ef2cfbf185c9a47df89e245c2a27a028bc115cf39926d053e291dd016599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: OdqahxOVoheSkPbA1t8+oA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: zJweL1cGZXN6xoV7MjzMQRd0oZJ2yJABjdQs/UO8LlVlo5SorxgaAOnNptPovyJY83/zXrUeUL2FH4oza1f01w==
x-fb-content-md5: 850580452aa26295f4119975066b8547
cross-origin-opener-policy: same-origin-allow-popups
etag: "b67d2524f12b8d52a5fcbbdcdd144f1e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Sep 2023 10:50:34 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 4444 302 KB
86 KB 36ms
36ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b53bb0293804402938411cd5378e806e

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1abf488fad92c4378c1f501a02c97deb2038bbb9f75e26bb005e1992f19ebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wp.prod.boomtownroi.com/
Origin: https://wp.prod.boomtownroi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: lgi1lbyH7tVxqsjaPFOTDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87478
x-fb-debug: 919aVqUYnUj0nvogeStnitfjzy+8jLRip7vmNbuGsP9It9a1AaqEm/I0L8vSSWyQdLuVTgZkZEV7lpWiBEuIqw==
x-fb-content-md5: 5fb856acb3597b4b85457d8e8fc7c2bf
cross-origin-opener-policy: same-origin-allow-popups
etag: "5b34befa4c7febce1752b29ca5ad9fff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Sep 2024 09:41:08 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 98A4 302 KB
86 KB 30ms
30ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b53bb0293804402938411cd5378e806e

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1abf488fad92c4378c1f501a02c97deb2038bbb9f75e26bb005e1992f19ebf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wp.prod.boomtownroi.com/
Origin: https://wp.prod.boomtownroi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 10:43:55 GMT
content-md5: lgi1lbyH7tVxqsjaPFOTDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87478
x-fb-debug: 919aVqUYnUj0nvogeStnitfjzy+8jLRip7vmNbuGsP9It9a1AaqEm/I0L8vSSWyQdLuVTgZkZEV7lpWiBEuIqw==
x-fb-content-md5: 5fb856acb3597b4b85457d8e8fc7c2bf
cross-origin-opener-policy: same-origin-allow-popups
etag: "5b34befa4c7febce1752b29ca5ad9fff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Sep 2024 09:41:08 GMT

GET
H2 200 nr-spa.1097a448-1.238.0.min.js Show response
js-agent.newrelic.com/ Frame C62F 76 KB
26 KB 82ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 10:43:55 GMT
strict-transport-security: max-age=300
x-amz-request-id: 80D0D0NP39TRH4DD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 25963
x-amz-id-2: NQFBj3cN2OVBFRPxKym3xpFO3/+6vCEykNCKXxXAhA4AMbaXm9xkgBfodBC4wb5gUO4DeTPdohQ=
x-served-by: cache-fra-etou8220112-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1693824236.785892,VS0,VE0
etag: "50ff460817c14cc3cdb0112cf58f1456"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2257

GET
H2 200 nr-spa.1097a448-1.238.0.min.js Show response
js-agent.newrelic.com/ Frame 3B3D 76 KB
25 KB 89ms
46ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 10:43:55 GMT
strict-transport-security: max-age=300
x-amz-request-id: 80D0D0NP39TRH4DD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 25963
x-amz-id-2: NQFBj3cN2OVBFRPxKym3xpFO3/+6vCEykNCKXxXAhA4AMbaXm9xkgBfodBC4wb5gUO4DeTPdohQ=
x-served-by: cache-fra-etou8220112-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1693824236.786000,VS0,VE0
etag: "50ff460817c14cc3cdb0112cf58f1456"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2258

GET
H2 200 nr-spa.1097a448-1.238.0.min.js Show response
js-agent.newrelic.com/ Frame 4444 76 KB
25 KB 63ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 10:43:55 GMT
strict-transport-security: max-age=300
x-amz-request-id: 80D0D0NP39TRH4DD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 25963
x-amz-id-2: NQFBj3cN2OVBFRPxKym3xpFO3/+6vCEykNCKXxXAhA4AMbaXm9xkgBfodBC4wb5gUO4DeTPdohQ=
x-served-by: cache-fra-etou8220112-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1693824236.785866,VS0,VE0
etag: "50ff460817c14cc3cdb0112cf58f1456"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2257

GET
H2 200 nr-spa.1097a448-1.238.0.min.js Show response
js-agent.newrelic.com/ Frame 98A4 76 KB
25 KB 85ms
46ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js

Requested by

Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp.prod.boomtownroi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 10:43:55 GMT
strict-transport-security: max-age=300
x-amz-request-id: 80D0D0NP39TRH4DD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 25963
x-amz-id-2: NQFBj3cN2OVBFRPxKym3xpFO3/+6vCEykNCKXxXAhA4AMbaXm9xkgBfodBC4wb5gUO4DeTPdohQ=
x-served-by: cache-fra-etou8220112-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1693824236.786025,VS0,VE0
etag: "50ff460817c14cc3cdb0112cf58f1456"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2259

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/1/ Frame C62F 40 B
413 B 529ms
473ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1140&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/&af=err,xhr,stn,ins,spa&ap=39&be=631&fe=405&dc=246&at=ShIWG1hIThwRAEMDQ0xN&perf=%7B%22timing%22:%7B%22of%22:1693824234685,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:459,%22rp%22:631,%22rpe%22:743,%22di%22:877,%22ds%22:877,%22de%22:877,%22dc%22:1033,%22l%22:1033,%22le%22:1036%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230062-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/1/ Frame 4444 40 B
413 B 493ms
444ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1036&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/&af=err,xhr,stn,ins,spa&ap=49&be=681&fe=261&dc=118&at=ShIWG1hIThwRAEMDQ0xN&perf=%7B%22timing%22:%7B%22of%22:1693824234798,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:346,%22rp%22:681,%22rpe%22:742,%22di%22:799,%22ds%22:799,%22de%22:799,%22dc%22:941,%22l%22:941,%22le%22:942%7D,%22navigation%22:%7B%7D%7D&fp=799&fcp=799
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230108-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/1/ Frame 98A4 40 B
413 B 484ms
436ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1051&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/&af=err,xhr,stn,ins,spa&ap=48&be=743&fe=202&dc=63&at=ShIWG1hIThwRAEMDQ0xN&perf=%7B%22timing%22:%7B%22of%22:1693824234797,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:347,%22rp%22:743,%22rpe%22:746,%22di%22:805,%22ds%22:805,%22de%22:806,%22dc%22:944,%22l%22:944,%22le%22:945%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230105-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/1/ Frame 3B3D 40 B
413 B 187ms
140ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1168&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/&af=err,xhr,stn,ins,spa&ap=47&be=744&fe=310&dc=144&at=ShIWG1hIThwRAEMDQ0xN&perf=%7B%22timing%22:%7B%22of%22:1693824234685,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:233,%22c%22:233,%22s%22:345,%22ce%22:459,%22rq%22:459,%22rp%22:744,%22rpe%22:794,%22di%22:887,%22ds%22:887,%22de%22:887,%22dc%22:1053,%22l%22:1053,%22le%22:1054%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:55 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230047-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/events/1/ Frame 3B3D 24 B
352 B 134ms
134ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1362&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230047-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/events/1/ Frame 4444 24 B
352 B 129ms
129ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1541&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230105-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/events/1/ Frame 98A4 24 B
352 B 139ms
139ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1543&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230108-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/resources/1/ Frame C62F 36 B
365 B 238ms
236ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1678&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/&st=1693824234685
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ccac393ade0c8bc251d3572635ab525e43448f72ad5f443becd3f69e82ae636

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230062-FRA

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/events/1/ Frame C62F 24 B
352 B 127ms
126ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7bce71ab19?a=15738311&v=1.238.0&to=fkQLXBBnQVFdEgBaTFhfDRYSW0MfRBFMWldfRAZXFhxeRR4RDUxfWF4QFgRfUldACQhJF0JYDEsWWl1ZR04IV1xUSE1JCkM%3D&rst=1919&ck=0&s=82d148e21ab4afd3&ref=https://wp.prod.boomtownroi.com/fb-authenticator/&ptid=38a69f22-0001-be64-5023-018a5fcabbf2
Requested by: Host: wp.prod.boomtownroi.com
URL: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://www.ewm.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://wp.prod.boomtownroi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://wp.prod.boomtownroi.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230062-FRA

GET
H2 200 nr-spa.1097a448-1.238.0.min.js Show response
js-agent.newrelic.com/ 76 KB
25 KB 22ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 10:43:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: 80D0D0NP39TRH4DD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 25963
x-amz-id-2: NQFBj3cN2OVBFRPxKym3xpFO3/+6vCEykNCKXxXAhA4AMbaXm9xkgBfodBC4wb5gUO4DeTPdohQ=
x-served-by: cache-fra-etou8220112-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1693824237.755391,VS0,VE0
etag: "50ff460817c14cc3cdb0112cf58f1456"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2262

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 233ms
232ms Stylesheet
text/css 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AR9ZJCb0tscX9M2WWW1yVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-AR9ZJCb0tscX9M2WWW1yVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 04 Sep 2023 10:43:56 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
524 B 71ms
71ms XHR
application/json 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=147427376070-u4r3kqrga5empetkb3upj0t3fo04jv4a.apps.googleusercontent.com&as=MvA0SW2G%2BtjM53nWW7McPQ

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8b734cc822f9d69f18e563fa326188a0ce842940f7a5ee2f9cf835bafdb3243

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GWyQ3uOCDNxH-a2EW3Uffg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-GWyQ3uOCDNxH-a2EW3Uffg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ewm.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/784324384/ 3 KB
1 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784324384/?random=1693824236757&cv=11&fst=1693824236757&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&hn=www.googleadservices.com&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&auid=2118137376.1693824235&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1408f3e46d2b2fa0b76ea9c0af2111fb63fdeb75499c529cde3bdfe9d60b7459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/1/ 40 B
401 B 154ms
154ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7bce71ab19?a=15738311&v=1.238.0&to=ZlUBbRBSXUNSAhVQV18fIloWWlxeHA0OXlFf&rst=6087&ck=0&s=8bcc87d93e857c65&ref=https://www.ewm.com/login/&af=err,xhr,stn,ins,spa&ap=366&be=2994&fe=3066&dc=956&at=ShIWG1hIThwRAEMDQ0xN&perf=%7B%22timing%22:%7B%22of%22:1693824230695,%22n%22:0,%22f%22:2549,%22dn%22:2549,%22dne%22:2549,%22c%22:2549,%22s%22:2549,%22ce%22:2549,%22rq%22:2549,%22rp%22:2994,%22rpe%22:3239,%22di%22:3947,%22ds%22:3947,%22de%22:3949,%22dc%22:6054,%22l%22:6054,%22le%22:6059%7D,%22navigation%22:%7B%7D%7D&fp=3497&fcp=3587
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:56 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ewm.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230062-FRA

GET
H3 200 /
www.google.com/pagead/1p-user-list/784324384/ 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/784324384/?random=1693824236757&cv=11&fst=1693821600000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&fmt=3&is_vtc=1&random=4087537271&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/784324384/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/784324384/?random=1693824236757&cv=11&fst=1693821600000&bg=ffffff&guid=ON&async=1&gtm=45He38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewm.com%2Flogin%2F&frm=0&tiba=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&fmt=3&is_vtc=1&random=4087537271&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 10:43:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 7bce71ab19 Show response
bam.nr-data.net/events/1/ 24 B
340 B 131ms
130ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7bce71ab19?a=15738311&v=1.238.0&to=ZlUBbRBSXUNSAhVQV18fIloWWlxeHA0OXlFf&rst=6252&ck=0&s=8bcc87d93e857c65&ref=https://www.ewm.com/login/
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.ewm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 10:43:57 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.ewm.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230062-FRA

GET
H3 200 button Show response
accounts.google.com/gsi/ Frame 0868 108 KB
39 KB 126ms
125ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?size=large&width=260&type=standard&theme=outline&shape=rectangular&text=continue_with&logo_alignment=left&client_id=147427376070-u4r3kqrga5empetkb3upj0t3fo04jv4a.apps.googleusercontent.com&iframe_id=gsi_237004_705288&as=MvA0SW2G%2BtjM53nWW7McPQ

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34ce6f9bedaba24279fdf342befbe24ec18e066dbd5fe124d93161ba2811ede6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RagkiZ61I3lQ2cffqs4Sww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ewm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RagkiZ61I3lQ2cffqs4Sww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 10:43:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 button Show response
accounts.google.com/gsi/ Frame 3D25 108 KB
39 KB 287ms
287ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.ewm.com
URL: https://www.ewm.com/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6603e13735973604c3f10a4d4f4698fffa3ef551e40622ed2a1af8e2b0cf63e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V69IDR6lr6gzD-84wxKYaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ewm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-V69IDR6lr6gzD-84wxKYaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 10:43:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 0868 0
0 87ms
34ms Other
text/html 2a00:1450:4001:82b::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 3D25 0
0 38ms
37ms Other
text/html 2a00:1450:4001:82b::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: www.ewm.com
URL: https://www.ewm.com/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 3D25 51 KB
27 KB 72ms
22ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27431
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:49:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=81A9404E76F346C4A8DA4355F0DD2ABE

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ewm.com/	1970-01-20 23:17:26	Name: BoomTownAuth Value: dERLR3lPS0RPSDIvN0QrRlh3THkwdz09%3AnI5uaxbQ8AXI%2BIu2q3MwjQ%3D%3D
.ewm.com/	1970-01-20 14:30:27	Name: BoomTownData Value: VisitID%3D4494581372%26OriginalUrl%3Dhttps%253A%252F%252Fwww.ewm.com%252Fmyaccount%252F%253FVisitorID%253D3469030341%2526amp%253BVh%253DK0aclY4nVI4ZkTV0bxaxZsrStR%25252fBKeMiEq2pheoWLQ0%25253d%2526amp%253BOptOutEmail%253Dtrue%2526amp%253Beid%253D679956771%26Referrer%3D%26IsRegistered%3D0%26FirstName%3DGuest%26LastName%3DVisitor%26Username%3D%26FavoriteCount%3D0%26ActiveSearchCount%3D0
.www.ewm.com/	1969-12-31 23:59:59	Name: BoomTownCustomPageId Value: 9222
.ewm.com/	1970-01-20 14:31:50	Name: _gid Value: GA1.2.1301675964.1693824234
.ewm.com/	1970-01-20 14:30:24	Name: _gat_clientAccount Value: 1
.simpli.fi/	1970-01-20 23:17:26	Name: suid Value: 81A9404E76F346C4A8DA4355F0DD2ABE
.ewm.com/	1970-01-20 14:30:24	Name: _gat_customAccount Value: 1
.ewm.com/	1970-01-21 00:06:24	Name: _ga_SK2113WW5W Value: GS1.1.1693824234.1.0.1693824234.0.0.0
.simpli.fi/	1970-01-20 14:40:29	Name: uid_syncd_secure Value: true
.ewm.com/	1969-12-31 23:59:59	Name: LastSearch Value:
.ewm.com/	1970-01-20 16:40:00	Name: _gcl_au Value: 1.1.2118137376.1693824235
.ewm.com/	1970-01-21 00:06:24	Name: _ga Value: GA1.2.1296331048.1693824234
.ewm.com/	1970-01-20 14:30:24	Name: _gat_UA-22147283-3 Value: 1
.ewm.com/	1970-01-21 00:06:24	Name: _ga_WJZQKH5W34 Value: GS1.2.1693824234.1.0.1693824234.0.0.0
.ewm.com/	1970-01-21 00:06:24	Name: _ga_6YGHGHC8EM Value: GS1.2.1693824234.1.0.1693824234.0.0.0
.ewm.com/	1970-01-20 16:40:00	Name: _fbp Value: fb.1.1693824234811.71508149
.doubleclick.net/	1970-01-20 23:52:00	Name: IDE Value: AHWqTUlGYLwY1tPljN6iy6nhj3_niGJiBInNc7ZKX6_1ReJ1JSM5nyMPfavM5f_Frz0
.agkn.com/	1970-01-20 23:16:00	Name: ab Value: 0001%3A6HdZZDL%2F%2F7CXjmANOOSRvytWWZ1AanfQ
.tapad.com/	1970-01-20 15:56:48	Name: TapAd_TS Value: 1693824234958
.tapad.com/	1970-01-20 15:56:48	Name: TapAd_DID Value: 3f91a2bc-c503-4914-a62c-434361846623
.adnxs.com/	1970-01-20 16:40:00	Name: uuid2 Value: 3216666271310555700
.tapad.com/	1970-01-20 15:56:48	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 16:40:00	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?jt'R`y!]tbPl1N!7On*M$=BWOqiJ/yOe:@^jh1Oy^kz5>XeV5[ZjG?f^eTtuKfb:=qgE8?W/X%W#.wL4W1Qw2$-^ngx
.exelator.com/	1970-01-20 17:23:12	Name: EE Value: "2cb869b4daa3a930154104ff259fcc64"
.pro-market.net/	1970-01-20 15:13:36	Name: anHistory Value: "-ijw09ldggi7u+2+!#7%.$i!P~}"
.agkn.com/	1970-01-20 23:16:00	Name: u Value: C\|0AAAAAAAALIhxawAAAAAA
.exelator.com/	1970-01-20 17:23:12	Name: ud Value: "eJxrXxzq6XKLQcEoOcnCzDLJJCUx0TjR0tjA0NTE0MAkLc3I1DItOdnMZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR%252FVfwoAoVQqaQ%253D%253D"
.pro-market.net/	1970-01-20 18:49:36	Name: anProfile Value: "-ijw09ldggi7u+1+1f=1+1g=1+1j=41+rs=s+rt=20011B601010000310114BEE4D37F3D0+s2=(s0gj57)+vm=24-81A9404E76F346C4A8DA4355F0DD2ABE:53-CAESEM6607c7RNnJnxR0d_uN6cc"
.bluekai.com/	1970-01-20 18:52:29	Name: bku Value: blx99mr62VHHsx6D
.bluekai.com/	1970-01-20 18:52:29	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEQhxEA61eHaBpjs1pxtxpHOmWHOBe1NBDRyHWx0xDJa9y97c9rp
.bfmio.com/	1970-01-20 23:16:00	Name: __141_cid Value: 81A9404E76F346C4A8DA4355F0DD2ABE
.bfmio.com/	1970-01-20 23:16:00	Name: __io_cid Value: da526a9ab177bfbb055ea222015d801cf75f26a0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.ewm.com/login/ Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.ewm.com/login/(Line 4) Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.ewm.com/login/(Line 4) Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.ewm.com/login/(Line 4) Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.ewm.com/login/(Line 4) Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=81A9404E76F346C4A8DA4355F0DD2ABE Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=81A9404E76F346C4A8DA4355F0DD2ABE Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=81A9404E76F346C4A8DA4355F0DD2ABE Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=81A9404E76F346C4A8DA4355F0DD2ABE Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.ewm.com/login/(Line 4) Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.ewm.com/login/(Line 4) Message: The Content-Security-Policy directive name '*' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	*
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
accounts.google.com
api.liveby.com
apis.google.com
bam.nr-data.net
bcp.crwdcntrl.net
boomtown-production-consumer-backup.s3.amazonaws.com
bt-wpstatic.freetls.fastly.net
cdn.usefathom.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
csp.withgoogle.com
d.agkn.com
eb2.3lift.com
ewm.com
fei.pro-market.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
loadm.exelator.com
pages.liveby.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
static.boomtownroi.com
stats.g.doubleclick.net
suggest.boomtownroi.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
wp.prod.boomtownroi.com
www.ewm.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
sync.search.spotxchange.com
104.64.127.92
13.248.245.213
151.101.2.137
162.247.243.29
18.66.112.79
2001:4860:4802:32::36
204.232.141.225
204.232.141.226
216.52.2.91
216.58.212.130
2400:52e0:1e00::1080:1
2600:1901:0:8eee::
2600:1f18:612b:4232:6a8:b2f5:a36e:3d52
2600:9000:211e:5a00:1b:5138:8a40:93a1
2600:9000:2251:7800:a:6937:9340:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:800::200d
2a00:1450:4001:803::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2011
2a00:1450:400c:c07::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::591
3.121.164.104
34.111.113.62
34.254.143.3
34.90.223.176
34.90.79.92
34.98.64.218
35.157.147.168
35.204.74.118
35.244.174.68
37.252.171.52
46.228.174.117
52.202.141.165
52.222.214.59
52.50.102.52
54.231.202.25
69.173.144.165
0805c90fe0fe15204225d68671f30843b526ceb98e22d37c4ee3b0ea064dbd05
0812969dd9085ca01a9dbc4f4dff07a50ac293f388885b903aa5d7904da24ce4
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c178741a34e6c29013714d1b48ba987fbda1fd0570b3a0ff7e505ca3d3b99f3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12b4b3d3e75063715e88c3ea4df748c6b57c1de49ac6c8291dc333459f5e9f04
1408f3e46d2b2fa0b76ea9c0af2111fb63fdeb75499c529cde3bdfe9d60b7459
152912e109dc49161717407bccb672669982e04a35df96afa574533c15a1950a
15d906d94b7586d223b18a6887608b89a096e8907fbf70cf74e3e76dd122c67c
162a5eaa00ec85a17db0a8b956fbc5e9e2f57d2c8b25dec65e29a7fbb16fd9ec
16fa5ecb9cf8d2c5d3d4f11f4736b8c7ef035eae9f3a063ad509dcd76816d3fe
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81
1c0d144432b6d24a195bdebab10fc83d01d9f3403326accd6537cf93020ad658
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c76ca80878c2bc17ac3ba7e13279078e58ace7171cc1b95de03cbe339364285
2003fc07084ad7f3b2805ebae45f9c10101df5c259c848e2a51275271af43285
213ae4a2bbb6edcec9263dc258b3e046878fbb0147f798d5bbfad5df45097a45
2464da84eb0e41e94465d82bb4b613cfca1e385d5c037789bf7e16b354e7b774
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2cbe7dfc9933685994e551fa17f15876b0ca24de6fb2d5a4c58a75a1f0fe651d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34ce6f9bedaba24279fdf342befbe24ec18e066dbd5fe124d93161ba2811ede6
37167aa3ae8dc4dea4743662343ce40e01cbf8b42d714166decee44166f3411c
3c165d7bdcae3acbb1769917e45538025d526f2145ef926b851def47c1fe9845
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
401c8521e1f8c0b39886b50c8a0194de9edb0ecaea0c14b54a37de9f22959238
46f457b7433f17ba0874341229ec97366bb8ff2643dcbb72c1f6cb6a2a3987b1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb2ef2cfbf185c9a47df89e245c2a27a028bc115cf39926d053e291dd016599
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5690d9f5745b42e9c6f76d6941ef4f7e689b3fa7c0e8575d5a7e509a34a692f2
5734967e3d637b206f75eac14c4e4d1c1143a293c827a8fc680dc29feedabce4
579edb00a4fa4bf0113dad8ec527482c6427606d1173ebefad5c22bf69f878a6
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5aad9d41135bd62ce6addeb923be888442f748f9d4f05a0882e27d5749acae43
5ccac393ade0c8bc251d3572635ab525e43448f72ad5f443becd3f69e82ae636
5d9920c945af94bbf49a05492579854a6a97c4ddf22ce58be50165d238cb9ffd
5da2bddb10a6d4014004e9fcdd97abad0de9475e9ffe1260672a63d2e6893fab
60b04299bc904d73c55d87ef6351383918bb808b05380fe8e7787af72d53d243
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6603e13735973604c3f10a4d4f4698fffa3ef551e40622ed2a1af8e2b0cf63e7
690f7a6b191bb9b1882d5b31832ae7f1712f9c32aa6f12631eb14b1a3cd33dc3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d918b8b98044a2d418eac39d4b3d5f4a84b4b801428caebed861ce803a9bfd0
6ee958b0faf4fa6b02172eb50c28ee33d318278b3d9c6d4cb777af1daafafe88
6f35ad5fb6aaa1fa0a027ccd28843a6329e0c426ad40181f39ccd07454549849
73617a34047d39283951cea9ccab5c547c0c56b42c34bac12d9e86f62f49111d
7888ffcea333c718549f8cca260ec422d5ad5583d6cb32c049f61b57ecc395f0
7d8612b7632809e93dec66fee62d688a8cd5d1f7a69b1f6bd3b4b7e6ca7ea0d3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8591c6ef010c426008ed0009be1fd1b9a1cee6772210dd8ed2f55aa01098dfe0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9232b966f8ac6e6e4218ca699a1f876be4165f46609c165b99d431f51883564c
9723615e5d00cc5d51182b759cbc0b111c1eff2e5b639a68f76d0f0fed314a85
9c21a497a459949c29b81bee05998fb64b0e454a05248a4ec5654b7284d9c583
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a338756f66dec80cfdbf3d8a92bdd560a35d14dd3e2da25454c8b5c8f14163ed
a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028
a4bebed9c403be9df46146e0d22cf7b6483698bedd5bc7020bfe99a469413e31
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb22929459f47664cc10ab35232bc2b231481cb6643a284dc0e1caeee156f7e
b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb
b456ba9b3ac02da4cbea29cd79dc5ab14e76ecb13c405f069a5887ba8ea8e356
b8d471528933066beebd210aba1e63a0c55a0c13dc29fa549193800dfcad0c3f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf3734dfb134a92f0c6fd2ae65b43b3ae05c3e945a7c96dffff23b95925dd67f
c1abf488fad92c4378c1f501a02c97deb2038bbb9f75e26bb005e1992f19ebf4
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
cdb969cc7cdb556e65931ed1556c47d8b3b01cc06d0709b34523b290a6a1bb4b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d291afe2e3148def72cd71728e4acce52170c6fa1cb1e4405a3afe19aac54b89
d44fb209870cd41ee960ad827e9dff120b004446e9e9627c512a5cf3a74f49e0
d6148a36fd1e27b3ab1462617b052a2c52bebcafe31a79fc7f10612d249473d7
dbf6e49525bb130e0c98c022d0aab07510b285a9dd9e9b1904efa4eac6b2adcd
de22013b68779c5df28bb2aa0d882e37a25355d137d961cf58051e85b568a5e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ca95529ce0c9b0391ae03c2b475fb31594ed999de8dbf27fbff4233f395603
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8b734cc822f9d69f18e563fa326188a0ce842940f7a5ee2f9cf835bafdb3243
e98e1802d6c84b348969c428c14b5eef73dbe33744477d92b7700b7c9777ce62
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23d08c846fb664bca50db56950e5954a074df35fa3b5e80ec8c773149ed853c
f32c26b55ab2d987674f199216d483b62215792b46c7b0d12bb72538da6f50e7
fc333e64fdf74bc4a4a00400a19b1a42b161b79f5622d56f60b8cbe6afc41708

www.ewm.com Open in urlscan Pro 204.232.141.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

148 Requests

84 %HTTPS

44 %IPv6

37 Domains

51 Subdomains

43 IPs

7 Countries

2817 kBTransfer

9225 kBSize

32 Cookies

18 Outgoing links

Page URL History

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ewm.com Open in urlscan Pro
204.232.141.225 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

84 %
HTTPS

44 %
IPv6

37
Domains

51
Subdomains

43
IPs

7
Countries

2817 kB
Transfer

9225 kB
Size

32
Cookies

148 HTTP transactions
0 data transactions