ew.com Open in urlscan Pro
99.86.4.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://entertainmentweekly.tv/
Effective URL:
https://ew.com/
Submission: On September 25 via manual (September 25th 2023, 6:32:21 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 47 IPs in 5 countries across 33 domains to perform 139 HTTP transactions. The main IP is 99.86.4.71, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is ew.com. The Cisco Umbrella rank of the primary domain is 84053.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 28th 2023. Valid for: a year.

This is the only time ew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.139.32 3.33.139.32	16509 (AMAZON-02) (AMAZON-02)
1 1	99.86.4.106 99.86.4.106	16509 (AMAZON-02) (AMAZON-02)
21	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:3800:d:2820:3bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f27... 2a03:2880:f276:d2:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f27... 2a03:2880:f276:e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218e:a600:19:bcbe:a700:21	16509 (AMAZON-02) (AMAZON-02)
1	104.18.24.18 104.18.24.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.162.13 52.222.162.13	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2490:3e00:11:e0c9:84c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
8	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	54.163.238.217 54.163.238.217	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	104.77.32.87 104.77.32.87	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.224.77.213 3.224.77.213	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	13.32.110.78 13.32.110.78	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:274	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:374	13335 (CLOUDFLAR...) (CLOUDFLARENET)
139	47

1 3.33.139.32 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aeedc42b70c898c66.awsglobalaccelerator.com

entertainmentweekly.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.106 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-106.fra6.r.cloudfront.net

www.ew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 99.86.4.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

ew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3800:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

karma.mdpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:d2:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:e8:face:b00c:0:4420 (Ireland)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218e:a600:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.18 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.162.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-162-13.cdg52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:3e00:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)

d9jj3mjthpub.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

imagesvc.meredithcorp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.238.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-238-217.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.32.87 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-32-87.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.77.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-77-213.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-78.vie50.r.cloudfront.net

ddrvjrfwnij7n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:374 (United States)

ASN13335 (CLOUDFLARENET, US)

beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com 1 redirects 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	498 KB
22	ew.com 1 redirects www.ew.com — Cisco Umbrella Rank: 639764 ew.com — Cisco Umbrella Rank: 84053	478 KB
16	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	222 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	219 KB
8	meredithcorp.io imagesvc.meredithcorp.io — Cisco Umbrella Rank: 28226	224 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	138 KB
6	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	198 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	228 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 404 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945	67 KB
4	cloudfront.net d30qdagvt44524.cloudfront.net d9jj3mjthpub.cloudfront.net ddrvjrfwnij7n.cloudfront.net	7 KB
3	tru.am tru.am — Cisco Umbrella Rank: 6790 beacon.tru.am — Cisco Umbrella Rank: 8283	12 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 640 mug.criteo.com — Cisco Umbrella Rank: 1822	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2190 google-bidout-d.openx.net — Cisco Umbrella Rank: 2191	660 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 4930	128 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	87 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 10648 www.instagram.com — Cisco Umbrella Rank: 1778	20 KB
1	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 6690	57 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	975 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	14 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2392	8 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3974	408 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662	17 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	383 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1465	353 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 7703	160 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	304 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1069	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	91 KB
1	mdpcdn.com karma.mdpcdn.com — Cisco Umbrella Rank: 77378	113 KB
1	entertainmentweekly.tv 1 redirects entertainmentweekly.tv	414 B
139	33

	Domain	Requested by
21	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com ew.com 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
21	ew.com	ew.com
13	securepubads.g.doubleclick.net	1 redirects karma.mdpcdn.com securepubads.g.doubleclick.net ew.com www.googletagservices.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	imagesvc.meredithcorp.io	ew.com
7	cdn.cookielaw.org	ew.com cdn.cookielaw.org
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ew.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
4	www.google.com	2 redirects ew.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ew.com
3	c.amazon-adsystem.com	karma.mdpcdn.com c.amazon-adsystem.com
2	tru.am	www.googletagmanager.com tru.am
2	www.googleadservices.com
2	googleads.g.doubleclick.net	ew.com
2	encrypted-tbn3.gstatic.com	417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	d9jj3mjthpub.cloudfront.net	ew.com
2	connect.facebook.net	ew.com connect.facebook.net
1	beacon.tru.am	tru.am
1	cdn.p-n.io	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
1	www.gstatic.com	417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
1	fonts.googleapis.com	417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	ddrvjrfwnij7n.cloudfront.net	ew.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	www.google.de	ew.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure.cdn.fastclick.net	ew.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js-sec.indexww.com	karma.mdpcdn.com
1	d30qdagvt44524.cloudfront.net	karma.mdpcdn.com
1	www.instagram.com	ew.com
1	platform.instagram.com	1 redirects
1	www.googletagmanager.com	ew.com
1	karma.mdpcdn.com	ew.com
1	www.ew.com	1 redirects
1	entertainmentweekly.tv	1 redirects
139	49

This site contains links to these domains. Also see Links.

Domain
www.magazines.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com
www.snapchat.com
www.meredith.com
www.dotdashmeredith.com
www.onetrust.com

Subject Issuer	Validity	Valid
ew.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-29`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
karma.mdpcdn.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.meredithcorp.io R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
pushlycdn.com Amazon RSA 2048 M02	`2023-02-27` - `2024-02-13`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ew.com/
Frame ID: 996518A066E5E070AEC269151E29144D
Requests: 82 HTTP requests in this frame

Frame: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B13B15DE5C3EC81617C5F65BB5282FF1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ew.com
Frame ID: DC9C94F0BE3F5DE5BD8070D31F0A9AD1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 32C1C75DD47C6B922BECE55FD26FAB97
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C81E06EB0783E17722FA155CDCDCC0CF
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 79B91EC17B1C64BA56D059DC89000917
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: 178E896577A6D353D6F46FB342735CB9
Requests: 12 HTTP requests in this frame

Frame: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9AA0694F278B100B8E8CB6AE92825781
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: F690891CA3999DC951AE66685AF1B58A
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEjWmMNFzbdcGcYDXRwVJG24gjqBNtw4Oxs5iFH7uMAxxpIQGT2r0RP2MmcSWUaLlqSu-qNtA8lI9WtIvqovLxEvU7FfK9UEDwFHePt6E3ORyKvhDNV3DB9Qwb1Ugrl86h8nXmdrte-3f6yEJab0soTMUQ694SR93FQfLH63Sf5bG76B9o6973OhKd5mk1gv5g21ZtZDIjDmhSvY68aPysrd4OcDLy7mLjpCWrFErdZicNjL5dWfcmiQwxESW_yVLXc8gIvvy4mBZS0MHkyw7IOxa7AeBkXo4zdYAD_vzbGNOnTRf3dvX8o-46gTdYhf5hD5DpDKoRP16Ftu7H&sai=AMfl-YRtdiCbQMIxmJ927--g6zQttwRPqx9b1vOEqG32HMp-gi9XWkb-OSfcC8FRDfFDgSMVcZe27TES3gg_AzVvRwrU7jWmd3Wv6L_O1DFl66NJmvP4qK45t6vTDd-pymvg6OQOSXcmySZGqQTEc-wkM-e4RJpPCq1p8kuCc9DDz7g&sig=Cg0ArKJSzOHQBPSWsOhcEAE&uach_m=[UACH]&adurl=
Frame ID: BA9665F8B7A68AE3DD372CE048444554
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0uDWo3rSTGHhhUAbBJ4suTuFJewj6afw8I7qB0CW8T1p9qqPgEe8JPIlUmHq_TzUkv_VKjAeD4DnpkCCKHbcd-CqOzTzPLRzjwmFWfF7AbyhQpBTVn1cytHkKEHVw1n0q_d5dkOW1fM4FlX7i3Wh05lHVt2VP7z6hy07hAoYbNjRT5-nr61gZdlkTxvbO1dczwPZg2POtglbJlXZgaQkAA66ow6_La-bewSmwg9V5FIrnMSiQ34LyaIbCxuNSUOufF2ZzGoSaghnY5xXu_lIvMVMAcnJsUpEalr4Uh2nL7oQzKx7KYuNHtBCgArLUkfWxGgfW9CG9j-NjA0h8&sai=AMfl-YTI0r8q2irJfPHuwUmod_yeAsVZxjckn92U4Eggjew9kybQPv0V4d39L-zrcv4vl9virnry0lkofIoUnH_Ej6GWRCDM9kkzSO7IL161s9YqtvXabZT5P7qkstWpsSYkBa6DTwh6H2pEKYqfUgHEUgZWdZBfr5mS2mF4hcSOFAg&sig=Cg0ArKJSzNaz2E-Ao0uVEAE&uach_m=[UACH]&adurl=
Frame ID: B05A8C3D4FBFE41BF2C02426B170E5DE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSwQnZygYHnO0cZ4i6WO4y9Zlfsl8JIenZ2eXG7T0yxNBKXFju0wXz4UuV91_k84-9Rluj1scGx-pwcuDXCGMoCjp6ZlK7Da_Xd5BN9FrZOtxGCHv1NZdWhXWvvICsO-b2GyUrKpZsP9k9DSR0SCz1Z6EH0naEPtH9Bnf_cX7bJRuTnPbfVD4Pm08JtONNWY9Q23bhenVHMepyhenrcAfQe5IQ9w0BC9f3iu1Qq8LGdw9uddeageCCQ3sJKLrIa8_fxImHfyOS7zC5elwxrYgzZD7ltfe1PX-w8o-5NDISE4iu60v6H6KL7cJt1d2uWOPf6i1RTlZtRdaUtyoX&sai=AMfl-YTVWuj9BPG6lqFZ9wQ3WWQRaY8C16mEhF4ZbS98poC4rwETZ8Ge_4lgYgPRXdfQ13hv8H4WsX_vjgpHbCD3IE1t4b0u0CWmBetUvAEre58wjbSnLYHnpWiB7boJLoHbwYYLeEht5e7Db0GpnYlCC0_ZefKxlCmjDifly98Kx7E&sig=Cg0ArKJSzJOxh3U8IvpDEAE&uach_m=[UACH]&adurl=
Frame ID: 62F208E10F8F24A7604E86CB82E7BC39
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: 157843D0A8C9FE880A98399D70C3CE48
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entertainment News for Pop Culture Fans - Entertainment WeeklyBack ButtonFilter Button

Page URL History Show full URLs

http://entertainmentweekly.tv/ HTTP 301
http://www.ew.com/ HTTP 301
https://ew.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

139
Requests

95 %
HTTPS

61 %
IPv6

33
Domains

49
Subdomains

47
IPs

5
Countries

2741 kB
Transfer

8162 kB
Size

37
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.magazines.com/entertainment-weekly-magazine.html?utm_source=ew.com&utm_medium=owned&utm_campaign=i111ewr1w2662
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.magazines.com/entertainment-weekly-magazine.html?utm_source=ew.com&utm_medium=owned&utm_campaign=i111ewr5w2662
Title: Subscribe this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://twitter.com/EW/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ewmagazine/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ew/

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/discover/Entertainment-Weekly/1015541732

Search URL Search Domain Scan URL

URL: https://www.magazines.com/people-magazine.html?utm_source=ew.com&utm_medium=owned&utm_campaign=i204ewrfw2803
Title: <div class="inner-container"><img src="https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Few.com%2Fimg%2Fmisc%2F300x250_magazines_and_more.jpg" alt="Magazines & More" title=""></div>

Search URL Search Domain Scan URL

URL: https://www.magazines.com/entertainment-weekly-magazine.html
Title: Subscribe this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/Entertainment-Weekly-Media-Kit.pdf
Title: Advertise this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/
Title: Dotdash Merediththis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/brands-privacy
Title: Privacy Policythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal-ti/ew/privacy_terms_service.html
Title: Terms of Servicethis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/adchoices
Title: Ad Choicesthis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/nmg/privacy
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://entertainmentweekly.tv/ HTTP 301
http://www.ew.com/ HTTP 301
https://ew.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 74

https://oajs.openx.net/esp?url=https%3A%2F%2Few.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Few.com%2F&rid=esp&cc=1

Request Chain 76

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ew.com&sn=ChromeSyncframe&so=0&topUrl=ew.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=MZSuLnxlY1lpK3Mrc0NxR25QTHNpdTJ3YS90bUNsSHNlTDBtUlREOGdXcjBZaUJ4d05VZXpzR2piY0hOb0ZONzB6dVRnMTd6R202WkdJSjBYZUt4MWtONThXeHpOMFBsT3paOVBwN2FtamxDMW45dFJGQ3M3aU9ObW0reUhGL08vakZKMysxUVhXM2pnR2puMUJBOFZxdHBGTEg2dkI4UmdNazB5eHVCK256b3JZbDRjbEZPSEJNZk5XY25aeUI3aWpjWCsvMGpFb3N3d2FkYnNQQU5DOHB2b0ViUmRaTVdEMVdKSXRodmtFTmdKWGR6WklsR2FXNzJ3dTJDMG9RQnJOVkd0TFFGK3FqZm43K09RQUZkeUJ1K28wdz09fA&cppv=2

Request Chain 130

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC0lo6-vQEQ6AcY6AcyCJVjH4L9ll43 HTTP 301
https://tpc.googlesyndication.com/simgad/5968071156952706106

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://securepubads.g.doubleclick.net/pagead/adview?ai=C1oYnL9IRZf6CHczrzQbw4b-gAsLkt8xxs4iK57EQv-EeEAEgqP3AEmCV-vCBjAegAaKg7_MDyAEJqQJGUKvcTsSxPuACAKgDAcgDywSqBKgCT9D6ExMFdN5uou4mWINKPJ8gHBPE1BqqkSQ-LCfVPUqpXFFM13-DZH7l9sHPs8xkm-AeiPGYqanYhBFCXwNZvvhEVlBm3ZVG8COcNOTdWBApimtm5sf_BSVILOMU4jd4qWH2OyvduMTHGd3MXrAt4ecPzlOdu0p4RxFXrRmgh9wim5dFntk6V3cjUpQ-cFiuBVWt1NXjy8-OgPnIHJosGhiyVFYcig3XEWWn5msulq4OYXhOg00wL8Tfav4pl5AZDvHLSFNrrhPaY6JEQHSSyAojMVneSn_M-m-HZgvnN2292stUVtOysat6e8sRpLGfAfG8hZDIMPv6F7u1crZKD7YEijM759QouhywKSnNlvt6hqL_o-wn7LHIYk5_pLJAJmRTN0TlEbTABJfto8KQBOAEAYgFxJWaE5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIP6ENIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCU1odHRwczovL3d3dy53YWxidXNjaC5kZS8_d2lkPWRlX2JhJmNhbXBhaWduPWRlX2JhLzAvc20vZ2RuL3diay93YmsvMjgwMTIwMjIvMIAKA8gLAeINEwiG2K_rssaBAxXMddMKHfDwDyTYEwuIFAfQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjk4MzMwNzI4OTY4OTIwNhjajhE&sigh=oL5UIRdkY0A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSXQBpAlJWZazdP-FQJzHlMs0LFTaX2nAYY8d6MHe6ZQWmb80NDi5VnZfv3xBFE8aGKh25z9biYbd4J5Rqu3xi-Mo-e8A0UukFLIH5-s_hgS9hwEQogEbjni6iaD0zIxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229589076086248213537%22,%22debug_reporting%22:true,%22destination%22:%22https://walbusch.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221048301602%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213895658850380616497%22}&andc=true

139 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ew.com/
Redirect Chain

http://entertainmentweekly.tv/
http://www.ew.com/
https://ew.com/

487 KB
55 KB

27ms
9ms

Document
text/html

99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

d3b7a54941ebc2ed30095c77c68f710d813fc0a8a2ad9e6dc9e50849392c2a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1
cache-control: max-age=30
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 18:32:12 GMT
etag: W/"79d27-u5gvP9Uy+Qdcr+KS4ciY2DZZRAg"
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
server: nginx
strict-transport-security: max-age=86400; preload
vary: Accept-Encoding
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-id: CnerzNMoEw6f16PrziPwG1au4Fvc-vSW7LskqKlNHEfXQ9iW1i-L7Q==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type: content-type-homepage
x-content-type-options: nosniff
x-element-page-cache: MISS
x-powered-by: Element

Redirect headers

Connection: keep-alive
Content-Length: 49
Content-Type: text/plain; charset=utf-8
Date: Mon, 25 Sep 2023 18:32:14 GMT
Location: https://ew.com/
NEL: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
Server: nginx
Strict-Transport-Security: max-age=86400; preload
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WQG2b-GpEd6GWLj0IvYE22ssIZ-G0UWetstSit8EG9-VSTa7fCnVVw==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront
X-Powered-By: Element

GET
H2 200 style-8dc2a1b21a8569300920-hash.css
ew.com/dist/ 1 MB
159 KB 17ms
17ms Stylesheet
text/css 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

5e7832c690a4f840841b0824e3161d5e2fa5be3f5fc3067f789c570b78020030

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:48:06 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 14:25:52 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 1032248
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: mMCUcphtq0ZtqXcCZPj1YcRIfk0-6EFisTiR3IB0GNLpxqbgFgqATg==

GET
H2 200 main-726ccd4038997ff29e37-hash.js Show response
ew.com/dist/ 292 KB
90 KB 11ms
10ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

3d50d1944838d555f42671e84af402e6c47441628b2f24239d909ba3bbd11470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:48:06 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 14:25:52 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 1032248
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: MOfOv580n3e1jc9sCA-YQ4kuZGB3IQC9oOq07MW18Qt5wgOrZmF45A==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 52ms
33ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h6ThlO7ea17v6JNPXbI1zQ==
age: 9010
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6822
x-ms-lease-status: unlocked
last-modified: Thu, 21 Sep 2023 18:23:17 GMT
server: cloudflare
etag: 0x8DBBACFD38A4097
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d42448e-901e-0002-79c4-ec873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80c559440f9b9bb2-FRA

GET
H2 200 karma_ddm.ew.com.js Show response
karma.mdpcdn.com/service/js-min/ 364 KB
113 KB 60ms
9ms Script
text/javascript 2600:9000:223f:3800:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3800:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d0d29b00b052c8267397de4d785b6ca026cb877592d596c9505788ade57d585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: GtJbbwTQfup5xBFJzeuYEyMJyX.ulQZW
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 18:27:53 GMT
last-modified: Tue, 15 Aug 2023 21:34:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 265
etag: W/"e7569cd55d28a117bc6a5941fab05764"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-cf-id: 4CxgzvBQVeoKxpucXAbnJNsYEXr2oSBCKGv-RLzkCD72znQN6ShNXw==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 271b7928be5f7f18e3ede76d139fc282b258c14b26d0ef05d4623d0cb859371b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887f06fc01d48470756bd818c9d5ac08f826f1465e4c875019331e37524a30f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aeb82f5acfe68969d0f588f3f04d81c92d6a311a1c4d153eaac0ddb832d6bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cb1cc6968d4127ccc115422624fae0483e07a09dd659a8ceaf8116d342aad71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 large-slash.svg
ew.com/img/icons/ 191 B
775 B 8ms
7ms Image
image/svg+xml 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ew.com/img/icons/large-slash.svg?976-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

ee772365ce777dde44e83cb4e94b94c51302a7c33b3126b0b2e602e901cd1c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 21:41:57 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 1025417
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 191
last-modified: Wed, 13 Sep 2023 13:50:51 GMT
server: nginx
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: image/svg+xml
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: j1zmsxCGFErw8GUn9RSXjsUWdwD0fnd0OF3_prRGXcBrlT9u3KSA6Q==

GET
H2 200 down-arrow.svg
ew.com/img/icons/ 573 B
1 KB 8ms
8ms Image
image/svg+xml 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ew.com/img/icons/down-arrow.svg?976-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

781231689f733ffd9e4234bebd13c969cf1d06caea5514fed06189c2e8e4c4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 10:37:34 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 978880
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 573
last-modified: Wed, 13 Sep 2023 13:50:51 GMT
server: nginx
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: image/svg+xml
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: r-si0ajDIe_J97eDKYreRh67UcSFz2SHYAyIV2PZkt5OsmSdxKdIOA==

GET
H2 200 OriginalSans-Three.woff2
ew.com/font/ 41 KB
42 KB 10ms
10ms Font
font/woff2 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/OriginalSans-Three.woff2?976-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

d5238399eec84b85c1eec58f82de8e989eed128839d4ada23bd908eb554c2bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css
Origin: https://ew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:48:06 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 1032248
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 41968
last-modified: Wed, 13 Sep 2023 13:50:51 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: 53y5GvFZpFmxReObWmCNyguVcObkG1l2wA4hwygtTGtEY1RGp_v3EA==

GET
H2 200 CaslonDoric-Semibold.woff2
ew.com/font/ 34 KB
34 KB 9ms
9ms Font
font/woff2 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/CaslonDoric-Semibold.woff2?976-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

4f90198e0054450e2f21f7ad14ee10874ef81a3bdb3685426ea131d2cd5244a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css
Origin: https://ew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:48:06 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 1032248
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 34708
last-modified: Thu, 31 Aug 2023 16:59:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: T8Amj6JnbYB7ojxbIvQrQB4TMh5B4AFXUvKGTNvxjE9w_d1bLq1eZg==

GET
H2 200 CaslonDoric-Regular.woff2
ew.com/font/ 48 KB
48 KB 12ms
11ms Font
font/woff2 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/CaslonDoric-Regular.woff2?976-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

5db23c1f4bb294496df9184dffd00fe2921b4e01934dbe523f771b56d1a1ec03

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-8dc2a1b21a8569300920-hash.css
Origin: https://ew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:48:06 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 1032248
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 49028
last-modified: Thu, 31 Aug 2023 16:59:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: GAUOojgIcgZ3k5OX5mFm-Oa7pi1B3Oc1Z7EkoN_6_I1aM2J7I6Ce6Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 322 KB
91 KB 74ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVB2833

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

476b653962effa1ef832a217293aa95fd3917bbb60c9b123c3de509b2475af5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93071
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 18:15:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Sep 2023 18:32:14 GMT

GET
H2 200 6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/ 5 KB
2 KB 53ms
36ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74207b9e51e101b04e4b3b8f9949583de91b041301851a8fc696f1960f26a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14298
content-md5: c4yvWQyLbLJZ0UwkNj7vMg==
content-length: 1695
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 13:38:25 GMT
server: cloudflare
etag: 0x8DB77DCF2E94237
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 08f0a308-701e-0059-23c5-a9dd60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80c5594519e23a88-FRA
expires: Tue, 26 Sep 2023 18:32:14 GMT

GET
H2 200 / Show response
ew.com/hermes/ 0
805 B 23ms
22ms XHR
text/plain 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/hermes/?keys=globalTI_SID,muuid_date,last_request_id,visit_ts,previous_ts,first_request_id,pageview_count,hid,muuid_origin&domains=all
Requested by: Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:14 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
vary: Origin
access-control-allow-methods: GET,HEAD
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 2D3Nq0qX14KNg6SfdoRYOb19D03zk3dQbjpuEm5vgMX8ll7ey16HbQ==

GET
H2 200 202-b07f66bfde8cfe88d6c2-hash.js Show response
ew.com/dist/ 16 KB
6 KB 8ms
8ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/202-b07f66bfde8cfe88d6c2-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

7163757ed6e9a3007662638d92ed95c15db5ba411809d3d58486c19548be68ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 17:16:11 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3978963
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: YH1VLmHIcBRdAhGri5zmB_ZA3ywBIiR85ML242d0F0cxx1h12uhKIQ==

GET
H2 200 8945-42d8fb2f72e9e6e14d48-hash.js Show response
ew.com/dist/ 6 KB
3 KB 8ms
8ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/8945-42d8fb2f72e9e6e14d48-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

4cb0a491cec5d828eb928b260296c07b0cfb8a61f8af735c0f973922d2f51c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 19:27:02 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3539112
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: O260L6vWBdMCEam_yvEj6YCin1x_xbwFIyuTUXL_k4yN2cya8ran7g==

GET
H2 200 190-c6511eee1aaa6be346f4-hash.js Show response
ew.com/dist/ 9 KB
4 KB 10ms
9ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/190-c6511eee1aaa6be346f4-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

64021802710b9d2304a185271a09d0523841c339177d54eaab0117fe6d2cd38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 15:30:06 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3121328
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: mJqYnkUuWqBPeyadDEskJURT8rkTHx2Adj5vl1DWOppn3uLc_tj1_Q==

GET
H2 200 2854-3112e873200414968af1-hash.js Show response
ew.com/dist/ 7 KB
3 KB 10ms
9ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/2854-3112e873200414968af1-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

88694a79a8777f9dfd09a2e560155937b81c2beb88e67f1220bc7721701f641e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 17:16:43 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3978931
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: 6DQ7-Sg9yH3uAXdMsQMKugAm95D7MBnL7YDBgtXkjEauTNmNvFmX-g==

GET
H2 200 931-a64d310d35c78d9f7b03-hash.js Show response
ew.com/dist/ 9 KB
4 KB 10ms
10ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/931-a64d310d35c78d9f7b03-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

6c51d9e01f5f9f10c6f34dfd65e574669ed4c2cc492a10292d5459393b31b968

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 15:30:06 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3121328
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: KPHRvJnlVyk_JIoqT43LbRRQb-SBabuCCYDtj0C4UqPVnCmnn_1OGA==

GET
H2 200 9663-314d142a7495526c4fed-hash.js Show response
ew.com/dist/ 16 KB
5 KB 11ms
10ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/9663-314d142a7495526c4fed-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

74c58ae0ebc8cc127da9cb010091abb8ccd647687df0b0964f35deb7b780c821

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 17:16:10 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3978963
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: HjEpecHmNdV-LC0s0orwkEXUxRZoiGK405dgJeGT8L2-CbJT81iWxA==

GET
H2 200 2186-4203e0b95c98ef744af3-hash.js Show response
ew.com/dist/ 12 KB
5 KB 11ms
10ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/2186-4203e0b95c98ef744af3-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

e0cc2d2b191d09b3a7292f7382154f96c50899be37050b8a282fdff1cadd4ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 17:17:18 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3978896
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: Q5Lxn2_JNlWHiCPT3-n5-wjzA07DAJkYoTOMg4v8Hhq4G1Dc73Eh_Q==

GET
H2 200 5142-f0715851cf3217f068ac-hash.js Show response
ew.com/dist/ 10 KB
3 KB 9ms
9ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/5142-f0715851cf3217f068ac-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

5d71059500bb86d1797b3cd7ccfdd33320a058f13e26e431c6448fa608396ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 19:27:02 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3539112
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: z7jPnumF_dKVHVHpFim8_kc7qSH5HBhtulL3KsV5pFrTxX2dmNgJaA==

GET
H2 200 6257-cbd00d7385fccbcfa68c-hash.js Show response
ew.com/dist/ 9 KB
3 KB 8ms
8ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/6257-cbd00d7385fccbcfa68c-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

1d3bed50505ec1558eb3b4f317247451e550f4b4e8a7e2d62517f5ea79efd6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 17:16:10 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3978963
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: V8nb8aVqKyyLxHRB8MDYcMZEY4jlvUsiHAg5lk0y8OJOuE-IL3UGNQ==

GET
H2 200 9669-0a8fbc3ac40c747d2b70-hash.js Show response
ew.com/dist/ 20 KB
7 KB 8ms
8ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/9669-0a8fbc3ac40c747d2b70-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

4b89dd9becf14fdc796aa4720eef9413c016f8f756cde4861216e9a68d3914e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 19:27:02 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 17:49:18 GMT
server: nginx
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Element
age: 3539112
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: GUTpWqwmvbr2C_O9yNEpob_hHabyk1h0hlzjyaxOrSR0fnYtll3jWg==

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

191ms
165ms

Script
application/x-javascript

2a03:2880:f276:e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Server

2a03:2880:f276:e8:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54e4306d185443d80a16d22b64f3625cf7a725b065c57c8c78a81e4066de09c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 18:32:15 GMT
content-md5: R3TznaFfPQHnqPRTlR/aXQ==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19586
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: TNa5qo8cWARfV/LkK+hJUPXDCNl9L4pHtQGF3XzsGPlaEE3QbEGgwyKiRWmXNtdvHG+ubMK0IeMim2TPD1ptvQ==
x-fb-content-md5: 627feb7dedff948758bf39320ca86cd0
cross-origin-opener-policy: same-origin-allow-popups
etag: "e2b7478f439272e67939ca35f1429cdd"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:52:15 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Mon, 25 Sep 2023 18:32:15 GMT
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-726ccd4038997ff29e37-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54115125e4155c37563309762526d328d7547c99df09f4936e16770e3494b139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 18:32:14 GMT
content-md5: xwmztIZNbRGLHL6bnFxxfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: cgEiVX4+JZTjqotl27rsR60xxSk1CO5XrJluCvBGc2EumJKTc7cgMVkbR7WZDHHproIFpA44V4KPBpTl+AtNTQ==
x-fb-content-md5: 153a167e2b757182d2c2bd97f48e02b4
cross-origin-opener-policy: same-origin-allow-popups
etag: "52cbcb30a981d882f50ee9c43bba64b1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:43:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 175ms
102ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0b8c5a3ad55a5491f92158429a32c4173b19fe1bae50920913ea178162ca7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29353
x-xss-protection: 0
server: cafe
etag: 767 / 19625 / m202309190101 / config-hash: 11610443151874868449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:32:15 GMT

GET
H2 200 segments Show response
d30qdagvt44524.cloudfront.net/production/ 15 B
375 B 472ms
396ms Script
text/javascript 2600:9000:218e:a600:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=1d668d85-e7a2-4f73-8ddb-d72472ffc1e2
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:a600:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 fb7dd4ab7d279a5ac003ba27474cf5ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amzn-trace-id: Root=1-6511d22f-3749e08531903d9c64f02d80;Sampled=0;lineage=abd734a0:0
x-amzn-requestid: 0e3820f1-4744-405c-a1d2-78c5ee7c1375
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-apigw-id: L03HbGW9oAMEU8A=
content-length: 15
x-amz-cf-id: y0NJPXkZxfLUcytDB_mLwCCJeaB-TrAT6nHYKKejLIcywE1qjzWXPQ==

GET
H2 200 184003-52190608802424.js Show response
js-sec.indexww.com/ht/p/ 33 KB
12 KB 175ms
112ms Script
text/javascript 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d9d5eece457526daaa86628d0f7cdced3695a3c0ed22a8f0db5803313d0c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Sep 2023 18:21:30 GMT
server: cloudflare
age: 590
etag: W/"da3ecb-8569-6063306f88c44"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 80c55945ccd42baa-FRA
expires: Mon, 25 Sep 2023 22:32:15 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 91ms
18ms Script
application/javascript 52.222.162.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.162.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-162-13.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:51:56 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
last-modified: Thu, 21 Sep 2023 19:18:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, CDG52-P2
age: 2420
x-amz-server-side-encryption: AES256
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 4MapQQa2EIrj_Fv8AJes3WeLPRY9_e6zDASjyNrUCpE38N1Kd_DKCw==

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
464 B 96ms
8ms Image
image/gif 2600:9000:2490:3e00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=1d668d85-e7a2-4f73-8ddb-d72472ffc1e2&request_id=d536a5ec-df52-4bbb-9808-d50ae1d56d56&url=https%3A%2F%2Few.com%2F&host=ew.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F117.0.5938.92%20safari%2F537.36&muuid_origin=ew.com
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:43:50 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 13705
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: _w90M7EL6lWUtAArCE5dH1MJiAUWTWDXn8FdsxkoYZx4pEznBHKDUQ==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 76ms
57ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80c55945dc5c3808-FRA
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVB2833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 17:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2874
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Sep 2023 19:44:21 GMT

GET
H2 200 generic-image.svg
ew.com/img/icons/ 3 KB
2 KB 9ms
8ms Image
image/svg+xml 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ew.com/img/icons/generic-image.svg

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

cac3fc0dd2d787dd4eb7496d2d0ce7658a075fcb00df6ff96d2919de879242f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 07:13:48 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 11791107
x-powered-by: Element
x-cache: Hit from cloudfront
last-modified: Tue, 25 Apr 2023 15:35:18 GMT
server: nginx
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: image/svg+xml
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: Vq43dutwMmoFbU89T3n35Vn1AHLaMW30ydK6SSdEiaV4TqSNQa_6Nw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 77 KB
77 KB 65ms
23ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F22%2FThe-Hunger-Games-Ballad-of-Songbirds-and-Snakes-092223-01.jpg&w=1200&h=800&q=60&c=tc
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: e7cc08e44eea48fd361f90a696e7c0dfd47dfa0b8ea0c38d8552e2524571e387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000027-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 16:07:20 GMT
server: nginx/1.25.2
age: 8695
x-timer: S1695666735.145161,VS0,VE7
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 78784
x-cache-hits: 2, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 30 KB
30 KB 49ms
8ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F22%2FFMP23-albums.png&w=640&h=428&c=sc&poi=%5B2000%2C1119%5D&q=60&rect=3%2C0%2C3997%2C2662
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: 8f2efb82c7b1151cc0e7b4f9f1ae7e0514b2ec680c78cf7974645efec21c745d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100027-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 17:54:47 GMT
server: nginx/1.25.2
age: 2246
x-timer: S1695666735.145145,VS0,VE1
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 30860
x-cache-hits: 27, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 48 KB
48 KB 52ms
11ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F18%2FSURVIVOR-091823-02.jpg&w=316&h=211&c=sc&poi=%5B580%2C26%5D&q=60
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: 61ce015138e5fdc7aa0a7b5d58db8bcd130876ae406ce0c8d07222c496a368b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100049-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 17:54:48 GMT
server: nginx/1.25.2
age: 2247
x-timer: S1695666735.145160,VS0,VE2
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 49406
x-cache-hits: 22, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 21 KB
21 KB 59ms
18ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F22%2FWGA-strike-09212339.jpg&w=316&h=211&c=sc&poi=%5B705%2C442%5D&q=60
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: 9a0fa76974cd6d0a1a81e90af6f21257c66b2677af264e27345d0564a6db6bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000138-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 14:37:11 GMT
server: nginx/1.25.2
age: 14104
x-timer: S1695666735.145743,VS0,VE3
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 21306
x-cache-hits: 19, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 8 KB
8 KB 64ms
24ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F25%2Fwoody-harrelson-sam-claflin-hunger-games-092523.jpg&w=80&h=80&q=60&c=tc
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: 85247f760ae49d90d39755c1e2fb1ad52ac01ea293b2d7752501b9c9a2e9989b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200099-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 17:54:47 GMT
server: nginx/1.25.2
age: 2247
x-timer: S1695666735.145508,VS0,VE8
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 8184
x-cache-hits: 20, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 15 KB
16 KB 51ms
10ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F25%2Fsophia-loren-092523-1.jpg&w=80&h=80&q=60&c=tc&rect=279%2C0%2C1185%2C906
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: c217f630715e1f1f2951a67f33a749da2c10feaf73199179e5f1514dc3d44733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200109-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 14:04:22 GMT
server: nginx/1.25.2
age: 16073
x-timer: S1695666735.146019,VS0,VE1
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 15822
x-cache-hits: 52, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 5 KB
5 KB 18ms
18ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F03%2F22%2FBruce-Willis-Emma-Heming-Willis-032223.jpg&w=80&h=80&c=sc&poi=%5B940%2C119%5D&q=60&rect=396%2C0%2C1621%2C1225
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: 6a3bbc562242456774b277ffb9e78c1fedebb5beeff78dbc51725f554abba454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200119-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 16:47:45 GMT
server: nginx/1.25.2
age: 6269
x-timer: S1695666735.149008,VS0,VE2
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 5462
x-cache-hits: 85, 1

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 18 KB
18 KB 19ms
18ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2023%2F09%2F25%2Flive-with-kelly-mark-092523-1.jpg&w=80&h=80&q=60&c=tc&rect=250%2C0%2C1250%2C1000
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.25.2 /
Resource Hash: 0edcf872fc00babbaad61aba9f5b48a920878e3624bef173abe1f401fc5a4e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000164-IAD, cache-fra-etou8220051-FRA
date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 25 Sep 2023 14:37:11 GMT
server: nginx/1.25.2
age: 14104
x-timer: S1695666735.149098,VS0,VE2
x-cache: HIT, HIT
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
accept-ranges: bytes
x-robots-tag: noai, noimageai
content-length: 18480
x-cache-hits: 19, 1

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4f5f110660eda972062c6c20c4ef8dba

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e100b9ee7a9d1dab73a5faca955447c2fb5f676779c22d279279baef7f45733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ew.com/
Origin: https://ew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 18:32:15 GMT
content-md5: UF6tSVYL7Gqd5rWj9VJxtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86683
x-fb-debug: 0rvzI+R22Ud52JerbU/klvcp9SNteW9u90WgCuv8WsGB5qfYZN8h0k3FifMxLNZFxkHoJfWpX+en79sbFiJalA==
x-fb-content-md5: 3878265d6fdbf0399a55d484981382fa
cross-origin-opener-policy: same-origin-allow-popups
etag: "813dcb770e24d88804124064d87ae70b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Sep 2024 17:11:49 GMT

GET
H2 404 sitewide-alert Show response
ew.com/element-api/content-proxy/ 38 B
745 B 12ms
12ms XHR
application/json 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/element-api/content-proxy/sitewide-alert

Requested by

Host: ew.com
URL: https://ew.com/dist/9669-0a8fbc3ac40c747d2b70-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-71.fra6.r.cloudfront.net

Software

nginx / Element

Resource Hash

b880bdfc7942ffe0e1546034cae16173a713d476c2fcb79cba3ca24c107da3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:14 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA6-C1
age: 1
x-powered-by: Element
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
x-cache: Error from cloudfront
content-length: 38
server: nginx
etag: W/"26-ELlU8zCQImGVufNufBwxhxLCesI"
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: application/json; charset=utf-8
cache-control: max-age=30
x-amz-cf-id: YqZ99AbHwYmBeW4AXKYD8rBfT7wbWjKVdj2G5VxuuXv_Lz_q5oG2SA==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ 334 KB
79 KB 31ms
30ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D263R6OySncrpIc5uRH3nQ==
age: 44583
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 80955
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:24 GMT
server: cloudflare
etag: 0x8DA032EC5D12B02
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6c2c2504-801e-00c4-7de1-5aa720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80c559468cc29bb2-FRA

GET
H2 200 3446 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
771 B 47ms
7ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3446
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1b3bf5c40c29bcfe5897a85f57f59803d6075f8ef3cece0e489ed50ee5e47bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:35:19 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3416
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: t0QAWUYgdZNOs1oZxNZCN01SLg4AG9DSSyUBih-A69NgycBVL3aJxg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 353 B
703 B 19ms
19ms XHR
application/json 52.222.162.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.162.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-162-13.cdg52.r.cloudfront.net
Software: Server /
Resource Hash: d072b8452ce8e167beada5f4228f6328c7dcae49df1afe76ce151f2bbbdb3ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:21:41 GMT
via: 1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P2
age: 4234
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ew.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 353
x-amz-cf-id: 3zHMRQzC_tTq5Eoa6O4Om6oocOErnaHBRPWDVZoJiUqXc2o9h45ALw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 54ms
19ms XHR
application/javascript 52.222.162.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.162.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-162-13.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 da68614307a40db3dcbe53959fc92288.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 04:49:37 GMT
x-amz-cf-pop: CDG52-P2
age: 49359
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: SLQf4oDV6KWQq8GsD9r5MvC-jKQ51I3rir7q6mVo8z_MxqXqVrbM5w==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
140 B 18ms
16ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=692633739&t=pageview&_s=1&dl=https%3A%2F%2Few.com%2F&ul=en-us&de=UTF-8&dt=Entertainment%20News%20for%20Pop%20Culture%20Fans%20-%20Entertainment%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1255744243&gjid=1689605901&cid=1987073497.1695666735&tid=UA-97981691-4&_gid=450518051.1695666735&_r=1&_slc=1&gtm=45He39k2n81WVB2833&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=&cd13=undefined&cd14=undefined&cd15=undefined&cd16=undefined&cd17=undefined&cd18=undefined&cd19=undefined&cd20=undefined&cd21=undefined&cd22=undefined&cd23=undefined&cd24=&cd25=&cd26=&cd27=&cd28=undefined&cd29=&cd30=&cd31=&cd32=&cd33=&cd34=&cd35=&cd36=&cd37=&cd38=&cd39=&cd40=&cd41=&cd42=&cd43=&cd44=&cd45=&cd46=&cd47=&cd48=&cd49=&cd50=&cd51=&cd52=&cd53=&cd54=&cd55=&cd56=&cd57=&cd58=&cd59=&cd60=&cd61=&cd62=&cd63=&cd64=&cd65=&cd66=&cd67=&cd68=&cd69=&cd70=&cd71=&cd72=&cd73=&cd74=&cd75=&cd76=&cd77=&cd78=&cd79=&cd80=&cd81=&cd82=&cd83=&cd84=&cd85=&cd86=&cd87=&cd88=&cd89=&cd90=&cd91=&cd92=&cd93=&cd94=&cd95=&cd96=&cd97=&cd98=%7D&cd99=&cd100=&cd101=&cd102=&cd103=&cd104=&cd105=&cd106=&cd107=&cd108=&cd109=&cd110=&cd111=&cd112=&cd113=undefined&cd114=&cd115=&cd116=&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd128=&cd129=&cd130=&cd131=&cd132=&cd133=&cd134=&cd135=&cd136=&cd137=&cd138=&cd139=&cd140=&cd141=&cd142=&cd143=&cd144=&cd145=&cd146=&cd147=&cd148=&cd149=&cd150=&cd151=&cd152=&cd153=&cd154=&cd155=&cd156=&cd157=&cd158=&cd159=&cd160=&cd161=&z=727766052

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 18:32:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=692633739&t=pageview&_s=1&dl=https%3A%2F%2Few.com%2F&ul=en-us&de=UTF-8&dt=Entertainment%20News%20for%20Pop%20Culture%20Fans%20-%20Entertainment%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=&gjid=&cid=1987073497.1695666735&tid=UA-97981691-4&_gid=450518051.1695666735&gtm=45He39k2n81WVB2833&cd1=&cd2=&cd3=&cd4=&cd5=2023%2F09%2F25&cd6=2019%2F12%2F18&cd7=own&cd8=homepage&cd9=front%20end&cd10=ew.com&cd11=&cd12=&cd13=undefined&cd14=undefined&cd15=undefined&cd16=undefined&cd17=undefined&cd18=undefined&cd19=undefined&cd20=undefined&cd21=undefined&cd22=undefined&cd23=undefined&cd24=&cd25=10726168&cd26=&cd27=&cd28=undefined&cd29=&cd30=&cd31=&cd32=&cd33=&cd34=&cd35=&cd36=homepage&cd37=&cd38=&cd39=&cd40=&cd41=&cd42=&cd43=&cd44=1&cd45=&cd46=&cd47=&cd48=&cd49=&cd50=&cd51=&cd52=&cd53=&cd54=&cd55=&cd56=&cd57=&cd58=&cd59=&cd60=&cd61=&cd62=&cd63=undefined&cd64=&cd65=&cd66=&cd67=1d668d85-e7a2-4f73-8ddb-d72472ffc1e2&cd68=&cd69=&cd70=&cd71=&cd72=ew_homepage&cd73=&cd74=homepage&cd75=false&cd76=&cd77=&cd78=&cd79=v4&cd80=test&cd81=&cd82=&cd83=&cd84=&cd85=&cd86=&cd87=&cd88=&cd89=&cd90=d536a5ec-df52-4bbb-9808-d50ae1d56d56&cd91=&cd92=1695666734880&cd93=cms%2Fonecms_posts_ew_10726168&cd94=&cd95=&cd96=&cd97=&cd98=%7D&cd99=10726168&cd100=homepage&cd101=&cd102=&cd103=&cd104=&cd105=&cd106=&cd107=&cd108=&cd109=&cd110=&cd111=&cd112=&cd113=undefined&cd114=&cd115=&cd116=&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd128=&cd129=&cd130=&cd131=&cd132=&cd133=&cd134=&cd135=&cd136=&cd137=&cd138=&cd139=&cd140=&cd141=&cd142=&cd143=&cd144=&cd145=&cd146=&cd147=&cd148=&cd149=&cd150=&cd151=&cd152=&cd153=&cd154=&cd155=&cd156=&cd157=&cd158=&cd159=&cd160=&cd161=&z=711167512

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 05:39:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46366
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
160 B 352ms
129ms XHR
application/json 54.163.238.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=ew.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.238.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-238-217.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://ew.com
date: Mon, 25 Sep 2023 18:32:15 GMT
access-control-allow-credentials: true
server: nginx/1.24.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
353 B 60ms
21ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
383 B 107ms
35ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184003
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: cab506cba3e86ef5f67d715442d3dd7701591ce151c3c725f9e991a2c0f7f060

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ew.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 25 Oct 2023 18:32:15 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/ 409 KB
129 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c12c5de9ee0e73d6f0877a170e1a884ca1ea4976b98fc4b90432de5d650f0061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2039
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131893
x-xss-protection: 0
server: cafe
etag: 4805128364399664152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 24 Sep 2024 17:58:16 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 115ms
12ms Script
application/javascript 104.77.32.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.32.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-32-87.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 25 Sep 2023 18:47:15 GMT

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 350ms
106ms Preflight 3.224.77.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.77.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-77-213.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ew.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 25 Sep 2023 18:32:15 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 106ms
105ms XHR
text/plain 3.224.77.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.77.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-77-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 18:32:15 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
342 B 64ms
24ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97981691-4&cid=1987073497.1695666735&jid=1255744243&gjid=1689605901&_gid=450518051.1695666735&_u=YEBAAUAAAAAAACAAI~&z=396955507

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 25 Sep 2023 18:32:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/73b2fc4e-0a8d-43df-a350-67ead8d97124/ 163 KB
27 KB 26ms
26ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/73b2fc4e-0a8d-43df-a350-67ead8d97124/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f3c89045df2494896a4ffa1dd5f55b5d3b9a59712129716e1d6d5222f9663c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14284
content-md5: SKIW8juBfPBQM0StCCaIyg==
content-length: 27863
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 13:38:41 GMT
server: cloudflare
etag: 0x8DB77DCFC459421
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b76874aa-f01e-0180-3cc5-a93d19000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80c559473c453a88-FRA
expires: Tue, 26 Sep 2023 18:32:15 GMT

GET
H2 200 bLayout-en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/73b2fc4e-0a8d-43df-a350-67ead8d97124/ 14 KB
3 KB 26ms
25ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/73b2fc4e-0a8d-43df-a350-67ead8d97124/bLayout-en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21556ea6ad3e2af68fd534c145391ec5a2e187c42aeed11b2061a67c49db088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14284
content-length: 2958
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 13:38:44 GMT
server: cloudflare
etag: 0x8DB77DCFE199E41
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cadf5cbd-501e-0082-52c5-a979b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80c559479c933a88-FRA
expires: Tue, 26 Sep 2023 18:32:15 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 58 KB
14 KB 27ms
26ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e02bee0e07e55b5375ce1666aedda58acaa6adc8d86dcefbe8e7c491bf0e7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bHuEGwmXEYacCHzgWFGP/Q==
age: 36186
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC0130DE3
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c0290a41-f01e-012a-72e1-5aebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80c559479c983a88-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 21 KB
4 KB 23ms
22ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Sep 2023 18:32:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2HSefDmVwJneRQMu6SXIPw==
age: 34484
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 87409a03-001e-0134-06e1-5a311b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80c559479c9c3a88-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 72ms
49ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97981691-4&cid=1987073497.1695666735&jid=1255744243&_u=YEBAAUAAAAAAACAAI~&z=981693587

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 18:32:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 69ms
46ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97981691-4&cid=1987073497.1695666735&jid=1255744243&_u=YEBAAUAAAAAAACAAI~&z=981693587

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 18:32:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 82ms
7ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 19:33:05 GMT
content-encoding: gzip
age: 82750
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 23 Sep 2024 19:33:05 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 83ms
40ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 18:32:15 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 354 KB
63 KB 580ms
579ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1717963005616020&correlator=3889568048010099&eid=31077099%2C31078139%2C31078141&output=ldjh&gdfp_req=1&vrg=202309190101&ptt=17&impl=fifs&npa=1&iu_parts=3865%2Cddm.ew.com%2Ctier1%2Ctaxonomy%2Chomepage%2Ctier2%2Cntv1%2Ctier3%2Ctier4&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F5%2F3%2F4%2C0%2F1%2F6%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F5%2F3%2F4%2C0%2F1%2F7%2F3%2F4%2C0%2F1%2F8%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C320x50%2C300x250%7C299x251%7C300x600%7C300x1050%2C300x250%7C299x251%2C300x250%7C299x251%2C300x250%7C299x251%2C1x1%2C1x1&fluid=0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&sfv=1-0-40&ists=3&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695666735370&lmt=1695659535&adxs=436%2C436%2C170%2C1098%2C1098%2C1098%2C1098%2C0%2C0&adys=16%2C2284%2C3743%2C4969%2C6986%2C9007%2C10881%2C22088%2C22088&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Few.com%2F&vis=1&psz=1600x106%7C1600x23%7C760x0%7C300x19%7C300x19%7C300x19%7C300x19%7C1600x22088%7C1600x22088&msz=1600x90%7C1600x19%7C760x0%7C300x19%7C300x19%7C300x19%7C300x19%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1987073497.1695666735&ga_sid=1695666735&ga_hid=692633739&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGIeS9OysMUgAUgIIZBIUCgVvcGVueBiHkvTsrDFIAFICCGQ.&dlt=1695666734626&idt=672&ppid=1d668d85-e7a2-4f73-8ddb-d72472ffc1e2&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%7Cslot%3Dleaderboard-flex-2%26refreshType%3Dhard%7Cslot%3Dnative%26refreshType%3Dhard%7Cslot%3Dsquare-flex-2%26refreshType%3Dhard%7Cslot%3Dsquare-fixed-3%26refreshType%3Dhard%7Cslot%3Dsquare-fixed-5%26refreshType%3Dhard%7Cslot%3Dsquare-fixed-14%26refreshType%3Dhard%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&cust_params=path%3D%26channel%3Dhomepage%26ctype%3Dhomepage%26tags%3D%26id%3D10726168%26type%3Dtaxonomy%26abTest%3Dmdextest%26concepts%3D%26taxons%3D%26mtax%3D%26pv%3D1%26otabc%3D0%26npa%3D1%26otgeo%3D1%26muid%3D1d668d85-e7a2-4f73-8ddb-d72472ffc1e2%26mrid%3Dd536a5ec-df52-4bbb-9808-d50ae1d56d56%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&adks=1085082271%2C883185178%2C3107189004%2C4116374783%2C3591589305%2C2121155594%2C2328916518%2C631666878%2C1916886689&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

499b2d1ee0232cd6fcc108831993f1ab017657e12b08d9035ae0fd9f30db7ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64619
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,5950375084,5950375084,5950375084,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,138402736716,138403165393,138402736722,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ew.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B13B 6 KB
3 KB 106ms
43ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 18:32:15 GMT
expires: Tue, 24 Sep 2024 18:32:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gpc.min.js Show response
ddrvjrfwnij7n.cloudfront.net/js/gpc/ 6 KB
6 KB 72ms
17ms Script
application/javascript 13.32.110.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-78.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 11:21:29 GMT
Via: 1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Sep 2021 17:12:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-C2
Age: 25963
ETag: "0595aed5727019b05fd2c207a5b462bf"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
X-Amz-Cf-Id: CA-dPROt1MG57VQ1iN4-WlEGI_iNLQf_8ubppHY-DNS-dTWsnHfAsg==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Few.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Few.com%2F&rid=esp&cc=1

85 B
203 B

120ms
119ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Few.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f60e099fb003de4f8fcb9efab0d33e83b9d562fec8d6916416ed0357a9f5dc7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-gw8LcwqjDRK+2bqZbQ0m60g9lwQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 25 Sep 2023 18:32:15 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://ew.com
location: /esp?url=https%3A%2F%2Few.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DC9C 15 KB
6 KB 68ms
25ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ew.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 18:32:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 441275
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame DC9C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ew.com&sn=ChromeSyncframe&so=0&topUrl=ew.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=MZSuLnxlY1lpK3Mrc0NxR25QTHNpdTJ3YS90bUNsSHNlTDBtUlREOGdXcjBZaUJ4d05VZXpzR2piY0hOb0ZONzB6dVRnMTd6R202WkdJSjBYZUt4MWtONThXeHpOMFBsT3paOVBwN2FtamxDMW45dFJGQ3M3aU9ObW0reU...

435 B
655 B

80ms
22ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MZSuLnxlY1lpK3Mrc0NxR25QTHNpdTJ3YS90bUNsSHNlTDBtUlREOGdXcjBZaUJ4d05VZXpzR2piY0hOb0ZONzB6dVRnMTd6R202WkdJSjBYZUt4MWtONThXeHpOMFBsT3paOVBwN2FtamxDMW45dFJGQ3M3aU9ObW0reUhGL08vakZKMysxUVhXM2pnR2puMUJBOFZxdHBGTEg2dkI4UmdNazB5eHVCK256b3JZbDRjbEZPSEJNZk5XY25aeUI3aWpjWCsvMGpFb3N3d2FkYnNQQU5DOHB2b0ViUmRaTVdEMVdKSXRodmtFTmdKWGR6WklsR2FXNzJ3dTJDMG9RQnJOVkd0TFFGK3FqZm43K09RQUZkeUJ1K28wdz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b329113cd066f537e9e98cb4eca667ad610b0c3194ab2913a14253f45608284b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 18:32:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1298810
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 18:32:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=MZSuLnxlY1lpK3Mrc0NxR25QTHNpdTJ3YS90bUNsSHNlTDBtUlREOGdXcjBZaUJ4d05VZXpzR2piY0hOb0ZONzB6dVRnMTd6R202WkdJSjBYZUt4MWtONThXeHpOMFBsT3paOVBwN2FtamxDMW45dFJGQ3M3aU9ObW0reUhGL08vakZKMysxUVhXM2pnR2puMUJBOFZxdHBGTEg2dkI4UmdNazB5eHVCK256b3JZbDRjbEZPSEJNZk5XY25aeUI3aWpjWCsvMGpFb3N3d2FkYnNQQU5DOHB2b0ViUmRaTVdEMVdKSXRodmtFTmdKWGR6WklsR2FXNzJ3dTJDMG9RQnJOVkd0TFFGK3FqZm43K09RQUZkeUJ1K28wdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 283651
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
57ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

471aee0cc9a7fcc90a3eea0f9a48af7b4d1c08401900333cc83b817fed00cb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12048
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 18:32:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 32C1 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 11:42:32 GMT
expires: Tue, 24 Sep 2024 11:42:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C81E 829 B
999 B 20ms
19ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

790e6f4074c1e2fab0f6be79582873f1186d0d64d7d39aef152beebd9da876a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vNPAHKnR-TzY5QnNtpkIkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vNPAHKnR-TzY5QnNtpkIkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 18:32:15 GMT
expires: Mon, 25 Sep 2023 18:32:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 32C1 37 KB
14 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 12:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 12:31:14 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 79B9 0
176 B 52ms
16ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 25 Sep 2023 18:32:15 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C81E 0
0 107ms
107ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309190101&jk=1717963005616020&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 32C1 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tTYarw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012308011702000/ Frame 178E 222 KB
62 KB 132ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:59:17 GMT
age: 351179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62025
x-xss-protection: 0
server: sffe
etag: "2e9edf8f2a89282d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Sep 2024 16:59:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 178E 15 KB
5 KB 146ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 21:11:11 GMT
age: 508865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "166738ad32285252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 21:11:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 178E 94 KB
28 KB 154ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:59:17 GMT
age: 351179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: sffe
etag: "cfd252d60a6db402"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Sep 2024 16:59:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 178E 5 KB
2 KB 156ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 21:11:11 GMT
age: 508865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "a86a0dd8f4aab9b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 21:11:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 178E 40 KB
13 KB 153ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:59:17 GMT
age: 351179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0
server: sffe
etag: "02797982c4ca8b38"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Sep 2024 16:59:17 GMT

GET
DATA 200
OK truncated
/ Frame 178E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5804123644088b35ee13efd0ce8a1daeca966635c4cd274029686e833935c02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6662513637588236398
tpc.googlesyndication.com/simgad/ Frame 178E 86 KB
86 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6662513637588236398?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkCIuCzksWwTRYXV7PKzrpv7___eg

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82c614a7e3f1c6c0c0f6c2b055d5411843b7ac1cd546df04214e1a9add8b2544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 02:19:39 GMT
x-content-type-options: nosniff
age: 576756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88112
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 09:38:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 02:19:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 178E 2 KB
2 KB 96ms
96ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 76378
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 25 Sep 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 178E 295 B
319 B 96ms
96ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 76378
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 25 Sep 2023 21:19:17 GMT

GET
H2 200 container.html Show response
417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9AA0 6 KB
3 KB 66ms
66ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 18:32:15 GMT
expires: Tue, 24 Sep 2024 18:32:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012308011702000/ Frame F690 222 KB
61 KB 102ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:59:17 GMT
age: 351179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62025
x-xss-protection: 0
server: sffe
etag: "2e9edf8f2a89282d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Sep 2024 16:59:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame F690 15 KB
5 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 21:11:11 GMT
age: 508865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "166738ad32285252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 21:11:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame F690 94 KB
28 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:59:17 GMT
age: 351179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: sffe
etag: "cfd252d60a6db402"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Sep 2024 16:59:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame F690 5 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 21:11:11 GMT
age: 508865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "a86a0dd8f4aab9b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 21:11:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012308011702000/v0/ Frame F690 40 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 16:59:17 GMT
age: 351179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0
server: sffe
etag: "02797982c4ca8b38"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Sep 2024 16:59:17 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F690 2 KB
2 KB 60ms
60ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 76379
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 25 Sep 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F690 295 B
319 B 60ms
60ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 76379
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 25 Sep 2023 21:19:17 GMT

GET
DATA 200
OK truncated
/ Frame F690 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d95a1a04a639bde0f699334b7c97f40ac87116b4658fb05c30b7463a40b3d251

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA96 0
0 86ms
86ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEjWmMNFzbdcGcYDXRwVJG24gjqBNtw4Oxs5iFH7uMAxxpIQGT2r0RP2MmcSWUaLlqSu-qNtA8lI9WtIvqovLxEvU7FfK9UEDwFHePt6E3ORyKvhDNV3DB9Qwb1Ugrl86h8nXmdrte-3f6yEJab0soTMUQ694SR93FQfLH63Sf5bG76B9o6973OhKd5mk1gv5g21ZtZDIjDmhSvY68aPysrd4OcDLy7mLjpCWrFErdZicNjL5dWfcmiQwxESW_yVLXc8gIvvy4mBZS0MHkyw7IOxa7AeBkXo4zdYAD_vzbGNOnTRf3dvX8o-46gTdYhf5hD5DpDKoRP16Ftu7H&sai=AMfl-YRtdiCbQMIxmJ927--g6zQttwRPqx9b1vOEqG32HMp-gi9XWkb-OSfcC8FRDfFDgSMVcZe27TES3gg_AzVvRwrU7jWmd3Wv6L_O1DFl66NJmvP4qK45t6vTDd-pymvg6OQOSXcmySZGqQTEc-wkM-e4RJpPCq1p8kuCc9DDz7g&sig=Cg0ArKJSzOHQBPSWsOhcEAE&uach_m=[UACH]&adurl=

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame BA96 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA96 182 KB
57 KB 111ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 15089404314913931904
tpc.googlesyndication.com/simgad/ Frame BA96 71 KB
71 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15089404314913931904

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d099fe6f979e84fb319c3ae4851a34d54f373694a9098538259127e173a8052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:52:11 GMT
x-content-type-options: nosniff
age: 427205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:28:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Sep 2024 19:52:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B05A 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0uDWo3rSTGHhhUAbBJ4suTuFJewj6afw8I7qB0CW8T1p9qqPgEe8JPIlUmHq_TzUkv_VKjAeD4DnpkCCKHbcd-CqOzTzPLRzjwmFWfF7AbyhQpBTVn1cytHkKEHVw1n0q_d5dkOW1fM4FlX7i3Wh05lHVt2VP7z6hy07hAoYbNjRT5-nr61gZdlkTxvbO1dczwPZg2POtglbJlXZgaQkAA66ow6_La-bewSmwg9V5FIrnMSiQ34LyaIbCxuNSUOufF2ZzGoSaghnY5xXu_lIvMVMAcnJsUpEalr4Uh2nL7oQzKx7KYuNHtBCgArLUkfWxGgfW9CG9j-NjA0h8&sai=AMfl-YTI0r8q2irJfPHuwUmod_yeAsVZxjckn92U4Eggjew9kybQPv0V4d39L-zrcv4vl9virnry0lkofIoUnH_Ej6GWRCDM9kkzSO7IL161s9YqtvXabZT5P7qkstWpsSYkBa6DTwh6H2pEKYqfUgHEUgZWdZBfr5mS2mF4hcSOFAg&sig=Cg0ArKJSzNaz2E-Ao0uVEAE&uach_m=[UACH]&adurl=

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 15089404314913931904
tpc.googlesyndication.com/simgad/ Frame B05A 71 KB
71 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15089404314913931904

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d099fe6f979e84fb319c3ae4851a34d54f373694a9098538259127e173a8052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:52:11 GMT
x-content-type-options: nosniff
age: 427205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:28:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Sep 2024 19:52:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame B05A 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B05A 182 KB
57 KB 147ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62F2 0
0 71ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSwQnZygYHnO0cZ4i6WO4y9Zlfsl8JIenZ2eXG7T0yxNBKXFju0wXz4UuV91_k84-9Rluj1scGx-pwcuDXCGMoCjp6ZlK7Da_Xd5BN9FrZOtxGCHv1NZdWhXWvvICsO-b2GyUrKpZsP9k9DSR0SCz1Z6EH0naEPtH9Bnf_cX7bJRuTnPbfVD4Pm08JtONNWY9Q23bhenVHMepyhenrcAfQe5IQ9w0BC9f3iu1Qq8LGdw9uddeageCCQ3sJKLrIa8_fxImHfyOS7zC5elwxrYgzZD7ltfe1PX-w8o-5NDISE4iu60v6H6KL7cJt1d2uWOPf6i1RTlZtRdaUtyoX&sai=AMfl-YTVWuj9BPG6lqFZ9wQ3WWQRaY8C16mEhF4ZbS98poC4rwETZ8Ge_4lgYgPRXdfQ13hv8H4WsX_vjgpHbCD3IE1t4b0u0CWmBetUvAEre58wjbSnLYHnpWiB7boJLoHbwYYLeEht5e7Db0GpnYlCC0_ZefKxlCmjDifly98Kx7E&sig=Cg0ArKJSzJOxh3U8IvpDEAE&uach_m=[UACH]&adurl=

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 15089404314913931904
tpc.googlesyndication.com/simgad/ Frame 62F2 71 KB
71 KB 33ms
33ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15089404314913931904

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d099fe6f979e84fb319c3ae4851a34d54f373694a9098538259127e173a8052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:52:11 GMT
x-content-type-options: nosniff
age: 427205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:28:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Sep 2024 19:52:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 62F2 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62F2 182 KB
57 KB 139ms
96ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 2652150365755156573
tpc.googlesyndication.com/simgad/ Frame F690 91 KB
91 KB 41ms
41ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2652150365755156573

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93da7c460ff9ffa2689dd91b307fe231d1a552159fe2ff975c7354d3996b9ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:24:34 GMT
x-content-type-options: nosniff
age: 274062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93104
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 09:38:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 14:24:34 GMT

GET
DATA 200
OK truncated
/ Frame BA96 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 085d6ba7339ea666ff702600ee3a21ab66c076c4b73485c2b5b0fd8b1a889a13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B05A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 719aacfe1c64dbce2ff16910cb939f0ab231244fa6b10e5c11ce261516f81d14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 62F2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91d00b4a482150790cd4cbbe26e72cd3ed1d0ae6d970601fc82c406471763d44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 9AA0 2 KB
975 B 49ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 16:36:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 9AA0 2 KB
892 B 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/ Frame 9AA0 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/abg_lite_fy2021.js

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 9AA0 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame 9AA0 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 03:24:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9AA0 182 KB
57 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 9AA0 36 KB
15 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 12:26:03 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9AA0 38 KB
38 KB 60ms
16ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQk0fMKeaIlnzUd2-iOEPtq2RNRhG4GAvrbtsmzDvaAPORvSp2sG9YVIgAvZms&usqp=CAI

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

833af9d57e1e4468b210c18a333a85cc1e27a11f6fe32ca001aa3e7edf58e930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:29:41 GMT
x-content-type-options: nosniff
age: 14555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38867
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 10:06:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 24 Sep 2024 14:29:41 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9AA0 38 KB
38 KB 40ms
7ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcROAfpYr01lr0cbJ2_v0FhaUaXgNy229VMcijBtn-rPCgRXFGjmdDpYrGsSkbo&usqp=CAI

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f0cad693d9385c07cee7020ab1c13c8b9a07f9889f78962ddef6a1e0e8723c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:06:31 GMT
x-content-type-options: nosniff
age: 548745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38679
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 04:33:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Sep 2024 10:06:31 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9AA0 60 KB
61 KB 53ms
9ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ0FO3NgzYTWzPxjSX6uwxhpGgEkNUj4yqwObDMlqMfl1RnejfwMRU24tFCHkM&usqp=CAI

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

343922a4c188ce3849d2affe38b5a180e5b4399c06414ce7f31a6ee509a27907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:03:34 GMT
x-content-type-options: nosniff
age: 260922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 02:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 21 Sep 2024 18:03:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9AA0 24 KB
24 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSHvtXV_eUViS2YDBPy785uShl_IQjjAGNwc40YCDg3I7DiTiiOAG08M6Rebg&usqp=CAI

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd0a5b491b60787770b1b5faff2b03205b4f3ba9080a8a1eb5b6035bfe3fd8ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:23:53 GMT
x-content-type-options: nosniff
age: 540503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24086
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 06:05:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Sep 2024 12:23:53 GMT

GET
H3

200

5968071156952706106
tpc.googlesyndication.com/simgad/ Frame 9AA0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC0lo6-vQEQ6AcY6AcyCJVjH4L9ll43
https://tpc.googlesyndication.com/simgad/5968071156952706106

20 KB
20 KB

11ms
10ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5968071156952706106

Requested by

Host: 417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
URL: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64acb9f9fdc64f50044a7e37b37f2c9420685eb13f23020a7e30db4d9e5e7bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 22:18:15 GMT
x-content-type-options: nosniff
age: 245641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20699
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 08:23:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 22:18:15 GMT

Redirect headers

date: Mon, 25 Sep 2023 03:34:01 GMT
x-content-type-options: nosniff
server: cafe
age: 53895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/5968071156952706106
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 03:34:01 GMT

GET
DATA 200
OK truncated
/ Frame 9AA0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42cd12e019f4fd57c8ab5295c4ef378d848951af185f533691f041c3ea716a23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 178E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

47ms
22ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Redirect headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA96 0
0 62ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd6Bfv6zYwv4ZPoPio7krcGLIXtcDmihmJcOgg62GdiRu3DK9xafjm7g5Biu0BZzIZjqe8c2UKvRDIHVlbr7nCgOvW4neNT_PkpOlK9JK5z1YxSyuVGUSwypaWUvmGzoxfX2BiO8UZkWCh7HdDa__lgwxsHBxwb1yaxKyCJvhIAmhaj2jKYFILccsbNIQcHnnTR49mPu_6TcYxkE7DP1lXBhgARW5WCEZa3pZLeKcOTaYw4OUiaLdjBtDU4oOq0xP4tjzfkwDnQwKFV91x6piSDVQ6Yn51wW1t3BA-D1NfYvLqXasTFzql_3AFRHKGP55Zg9sO9hnFlqXLj7dncwo&sai=AMfl-YTpb9rq-P-he4BJt9HNz40anrxqS-gSJ8ylREgkqBGSnWBzCla6PUTRVd-tTgzEXgDbuBmn75vPY08orL3XgB51sKAZZXFxgPLag2VJIrjqVuHI8M298fQYH_vBoOlCkOroKKVoYqgVI2E4essUhwVBDpG1rLQWQHgZpGEgZ5c&sig=Cg0ArKJSzFIzqmgTXRXMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F690
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

17ms
16ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Redirect headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B05A 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5isa9pRRSdBIs_5pWhae6QKIe-TgaCwgeAE3JggeiCUsJigNd1tuhgLAMEM2MxOxsmX0mHMwid9XFPOUfkkMf-rnzkPOd4iptLIw8re0iSNrZ-o4blBVyaUNfFcDxbEDYrY_E5Pa2Q1XjZYSrtF7u30Q6pvYjLpAVQmOKyntIYrdIi0HLI996Pz2IGy2bkuLU6aUWuZvP07rS0ic62R-nQoWucXe8K4qhaFLqcKawxTkwJYcR6Fl1pG44JaqlGj3Lcql3C5QLTwMgI3A-omxNS6aMKn-fKC4gCN9G-29hS7y6YH8Sdz4bpmjyrqBtkel5qWNfOa_jzzZzdzAR8JE&sai=AMfl-YQO89xZQGqk6bljWoe9jGG2BwoC7ls_orhGYXUpwRT2nYzBe2HDY6mYHNEbHSCIks5ZP9qOWver0q4B5eQig_xXKfi1PUCQ-RDu9_uwlYIxZlJFEdPFS22W1b-sG6s6ffG2YeZloCUJUAk9HC-IrNrfiN5xHnJTkfZUWwPVGWA&sig=Cg0ArKJSzFeUAJ6S9uK3EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62F2 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUNn-gHDTiJh0VmF2N1ePH5Vxb6nKhR_wFnCJP8Vgq7UQpO9N6uK-PWp6dJcCcptuxbPN1HHV2tObrAXLHnwT0VrIEylX39Z8y87i6QNFcDn2ehxypf2pq8BUho_btMROFXAvQelcD55s7WfWIJluywRaSeKjjU8peYGa2tNbmd2EEaDxxFPRN2FgfOKVRYwumwrqbmq3fncA50EDxLM8ISAHxGrwyo47RWnPv0bakLnMoKmp3zj6UlkoM4dIxRt7cKpm-sF5bRDVUDV0C5ev4pT8-qZBp8hj5_GpMR2Yg5Ue6HyYHx6q5OP-uJ1y-cE-kWJJQbKFH5mbbNudEd-o&sai=AMfl-YQT8Ylws_6FNYgRl6EwqdzsMX-AoCWWMSlPDwidlmpoUudte13JJuoLwe2EnhB8KCjqJBlI4LfvnhwwF5H2hulYkpIaRc8U_cCUBOMlQfg0oU6yWuwmIscmxa33I-_oBZT8eY1XR4C6_X4xn41VYFfiz8U_PKfz7ls3j2LdiRQ&sig=Cg0ArKJSzFQXxhQ4phq1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9AA0 20 KB
21 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 213423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 07:15:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
113ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309190101&jk=1717963005616020&bg=!2tml2ZbNAAYrDsWMCw47ADQBe5WfOLYoklsw8kfoh0g3Qhpt6vrkON3KMxBvPtoGWAz44peYo4Ip2ko4wm1RQgWFcge6AgAAAF9SAAAACGgBB5kCubqExMU77CkaZnARHHZ3GboYf5VR8iI4qsGRxnfB7mQT5nIm_Fht4FcvgfbTsHGrT51BpIfRwKlyTAuXU44E5E8CUkUlcImbMkXYKMAxsCkDXsBvbEGCB7GJ8keiMenLdkeCqylsxSP0nOxv1fujcdmNvc8O0OSB_8MZkAS8EpzaQRKvduPjfYE3XrjaqgjdudR3iTA2y6uvkI3VBrr5BEo0qgg8CYjxnt5lzAI5M_pZnJVSI8oRbZzWj6FtgcBRIypxxVS-3sMoo3vTrAw8G2or4fISEDiJnT5Fc-D5ozBURwUHxzEG3xmGe24Z-ZtTE1eCM83zgJLAGQ4C4uWaSqbQF05BjuAiGDYL3DwoGsM_pO7ScAKZLV44uqi0DEj0J81-_dfAg3GHhkM8Bl4Woc3C03wwG4S_UpGQOBfn-of97ZkdNPkVIfjWxrm9tEoDxmgr_LPKwq9epORYzdR_HCIlaZOINg3KiINhuaR5NjVGrcQ0gfu0WVg8PniDM3fqwwSsELrR7IFCw78kIWH7uzpVbQVk4oTr7xnJBoYYZV9xsF7xjLiQPfwcaGg_XbukBVJwMMKuUUURSxqwRMeQdHHt66HE2m8pu99XrUkANfXvir7OWX82u-eKtvfCyDSZVkmxDr6QpGcf5UElbZSCz_g1GqbvALtTSqsg6-jdJOTwTsevbD5bcBAjxcZ61AP5wTYMkEDDdS5RnwhxQL_KaMix0OhO9USwfBYNF9roXHlFxxSFkyrYtm8YMNbV1aucZyMQzr0cwufhfxk8fyyGUuVkEvT_BES8gQ9styCtPAs4fFUWwwDFMX5l9oW-DTMYCy-NlFwME1vOKdrOrOCXPEtkaPJ70sVu1maHCuHdgMwB8SAx2GvqsKj6OXSzRYWEgPQo2ocAQU5ShflJ7bzoWrqp0N0PSd6P8jU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 178E 0
0 51ms
51ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1l1nL9IRZf2CHczrzQbw4b-gAsGYo4dyjZWT694R3bGoyPwQEAEgqP3AEmCV-vCBjAegAfKj-t4DyAECqQJGUKvcTsSxPuACAKgDAcgDCKoEoQJP0AuCprFFyKshnqh3MLlflbxLketpiGxdtFs1xrmfxf7wK--zTQ3uOtZwoSQ-HWxYSSoyBYeDiM4OCbRGd0p-h80XXkUJzDkhj7RwWyb1yWxeM58RqyLfPLhB596h0SsitP_3UwpT3nHSFcl9CT6QXD-NM0aLICnFwTJgwqW9VfE0utTm-2W_02D1cgoNoYdy-tVIBmHJBOKRxAfPksnZLRkOwoa0pEJAViZX9XydQtezg9EfXAHrC1jgsZfnYj0V-X30NPoQ9QHT_tZ1RXm7wgKUPUZaCbRwjIXr_xakRFRbVIS-TrnbFsNw679SJbjPTU8rR0l99EbRn7zzVY7NjObRV52a94ZpFLugxyIdPb9PmWLs_N4ak45rBmO8TlRVwASyw7LsrQTgBAGIBZa_y9RJkgUECAQYAZIFBAgFGASgBgKAB_DHvyKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCE1ArSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgkeaHR0cHM6Ly93aW5kc29yLmRlL2RlL2RlL2RhbWVugAoDyAsB4g0TCIXYr-uyxoEDFcx10wod8PAPJNgTDdAVAYAXAbIXHgocCAASFHB1Yi02OTgzMzA3Mjg5Njg5MjA2GNqOEQ&sigh=MouXZZwgrmw&uach_m=[]&ase=2&nis=5&cid=CAQSXQBpAlJWZazdP-FQJzHlMs0LFTaX2nAYY8d6MHe6ZQWmb80NDi5VnZfv3xBFE8aGKh25z9biYbd4J5Rqu3xi-Mo-e8A0UukFLIH5-s_hgS9hwEQogEbjni6iaD0zIxgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F690 0
0 52ms
51ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CylyqL9IRZf-CHczrzQbw4b-gAsGYo4dywKyx2dgR3bGoyPwQEAEgqP3AEmCV-vCBjAegAfKj-t4DyAEDqQJGUKvcTsSxPuACAKgDAcgDCKoEpQJP0OK8yrrkC30KsM2W37WqZArTijIX2Q6egY4Ms2dXdxKbrTsDrvLzXoXFYWlFcBg_-WEOnTx0lMEZENLQ4cXQ9zKYXTJjdutS5JhKc3aB9ZJrQcm6Ej1EOJyGNvakyX1hWJa1ECe9pTuSe7oqby4_F6Ibt0zM8OIq_zmUKltHOQlCxE_gkKXMecytWUWvlprcy2KytVU_RkzAv8sQFhKiTXMvcKvshjoIC1-vW3m4Dvnq839h7vgHCeY3JGLQDJ6_sTXjvZyzovzvVaPRVYDHQqzEtwqOkrA4WylMEKCSbIsRdJfENcvnK8bhkl7iXZc18ImkD7Nus3z8wNbrW4O-Fje-ZsSf24hsIAehdofOsrcVYicNxBk7gDMkEy23kcDpIBwPC8AEssOy7K0E4AQBiAWWv8vUSZIFBAgEGAGSBQQIBRgEoAYDgAfwx78iqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQyewI0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJHmh0dHBzOi8vd2luZHNvci5kZS9kZS9kZS9kYW1lboAKA8gLAeINEwiI2K_rssaBAxXMddMKHfDwDyTYEw3QFQGAFwGyFx4KHAgAEhRwdWItNjk4MzMwNzI4OTY4OTIwNhjajhE&sigh=3OPZrmyxdV0&uach_m=[]&ase=2&nis=5&cid=CAQSXQBpAlJWZazdP-FQJzHlMs0LFTaX2nAYY8d6MHe6ZQWmb80NDi5VnZfv3xBFE8aGKh25z9biYbd4J5Rqu3xi-Mo-e8A0UukFLIH5-s_hgS9hwEQogEbjni6iaD0zIxgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 42ms
42ms Preflight
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C1oYnL9IRZf6CHczrzQbw4b-gAsLkt8xxs4iK57EQv-EeEAEgqP3AEmCV-vCBjAegAaKg7_MDyAEJqQJGUKvcTsSxPuACAKgDAcgDywSqBKgCT9D6ExMFdN5uou4mWINKPJ8gHBPE1BqqkSQ-LCfVPUqpXFFM13-DZH7l9sHPs8xkm-AeiPGYqanYhBFCXwNZvvhEVlBm3ZVG8COcNOTdWBApimtm5sf_BSVILOMU4jd4qWH2OyvduMTHGd3MXrAt4ecPzlOdu0p4RxFXrRmgh9wim5dFntk6V3cjUpQ-cFiuBVWt1NXjy8-OgPnIHJosGhiyVFYcig3XEWWn5msulq4OYXhOg00wL8Tfav4pl5AZDvHLSFNrrhPaY6JEQHSSyAojMVneSn_M-m-HZgvnN2292stUVtOysat6e8sRpLGfAfG8hZDIMPv6F7u1crZKD7YEijM759QouhywKSnNlvt6hqL_o-wn7LHIYk5_pLJAJmRTN0TlEbTABJfto8KQBOAEAYgFxJWaE5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIP6ENIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCU1odHRwczovL3d3dy53YWxidXNjaC5kZS8_d2lkPWRlX2JhJmNhbXBhaWduPWRlX2JhLzAvc20vZ2RuL3diay93YmsvMjgwMTIwMjIvMIAKA8gLAeINEwiG2K_rssaBAxXMddMKHfDwDyTYEwuIFAfQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjk4MzMwNzI4OTY4OTIwNhjajhE&sigh=oL5UIRdkY0A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSXQBpAlJWZazdP-FQJzHlMs0LFTaX2nAYY8d6MHe6ZQWmb80NDi5VnZfv3xBFE8aGKh25z9biYbd4J5Rqu3xi-Mo-e8A0UukFLIH5-s_hgS9hwEQogEbjni6iaD0zIxgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 18:32:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9AA0
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C1oYnL9IRZf6CHczrzQbw4b-gAsLkt8xxs4iK57EQv-EeEAEgqP3AEmCV-vCBjAegAaKg7_MDyAEJqQJGUKvcTsSxPuACAKgDAcgDywSqBKgCT9D6ExMFdN5uou4mWINKPJ8gHBPE1Bqq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229589076086248213537%22,%22debug_reporting%22:true,%22destination%22:%22https://walbusch.de%22,%22event_report_window%22:%2...

0
0

61ms
41ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229589076086248213537%22,%22debug_reporting%22:true,%22destination%22:%22https://walbusch.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221048301602%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213895658850380616497%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9589076086248213537","debug_reporting":true,"destination":"https://walbusch.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1048301602"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"13895658850380616497"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 18:32:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 18:32:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9589076086248213537","debug_reporting":true,"destination":"https://walbusch.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1048301602"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"13895658850380616497"}&andc=true
access-control-allow-origin: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1578 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 472372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 78ms
42ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 18:32:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 178E 42 B
64 B 124ms
124ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstectvRulrRbWJYxYdOYQBhK6psb8ryK8DBVyjzjJbUIdmUJLTOvZfxV0JEED4qr0N1HDlSumNZmDXT8xqYsxIawSxT-TpCccqMX9DkaI28dnprKjsMOBi_nMDiznLtAmDwGOr7cGVl5zST&sai=AMfl-YSOa-DL7gqz9PDTf823i-mery0zqixJgw_2jweJ4pYecLYPeELWNhqkq8KGGVl4XNtdGMDE-32sEqJLL8JusGqkSAlXRLNouG42gsfOCFsH_Nax-6NnPeL5dLPwWHtTYpFxBt93rn60KvgS-hV2VqIBoZXVHsw4EPOL-kex&sig=Cg0ArKJSzG2-rZqkQrysEAE&cid=CAQSXQBpAlJWZazdP-FQJzHlMs0LFTaX2nAYY8d6MHe6ZQWmb80NDi5VnZfv3xBFE8aGKh25z9biYbd4J5Rqu3xi-Mo-e8A0UukFLIH5-s_hgS9hwEQogEbjni6iaD0zIxgB&id=ampim&o=315,16&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=500&tls=1500&g=100&h=100&tt=1501&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 18:32:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 meredith.js Show response
tru.am/scripts/custom/ 4 KB
2 KB 289ms
18ms Script
application/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/meredith.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVB2833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93d192a031c69be44e45f709700850be648793329a5aa09f3265c6b924035489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2488807
x-guploader-uploadid: ADPycdt5SzujWCCoTo8kp6WoAQZooT6LIaaQYxv6emSG7R-bS3k9zaym015F9MuufjsFlfB7K6nIWN0TiIVzCpOuLzq9KO4KoWGF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Jul 2023 23:11:46 GMT
server: cloudflare
etag: W/"a200afd49c97b765c908fb2aecf04f28"
vary: Accept-Encoding
x-goog-hash: crc32c=9eljBQ==, md5=ogCv1JyXt2XJCPsq7PBPKA==
x-goog-generation: 1690499506898168
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WVcydIhZlHJJlJCisbi9VIWcBnHjNO6xJ8rHEe%2BRCPei93sZlFa7lagqrryeSTgCO7QGXhiot3PrCgq3njWtkOxi7FE1TYf5y%2F%2F7HaGkqo7sMsrCu8E%2BS2bisPC67A2w2nIyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3764
cf-ray: 80c5595a6e113657-FRA
expires: Mon, 26 Aug 2024 23:12:11 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 274 KB
57 KB 278ms
8ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=KNVNu51sin9U6UQInIknHRoH5k3YPF7RrEcs
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVB2833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f5dc43b40a5359b61179439ae995f460d891405b3f034e8b5a9c1fe45fa6c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:26:01 GMT
content-encoding: gzip
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
last-modified: Sat, 23 Sep 2023 07:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 387
x-amz-server-side-encryption: AES256
etag: W/"72e5c37c572ba9e6f401f191e2625ef2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: 5N6GdQL3gcgB6UTVy-16vibzafd28_DyL1T2uOY-XKsj-TVYFDYZvg==

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 20ms
20ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/meredith.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 18:32:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1689157
x-guploader-uploadid: ADPycdsGCspzbId51AnTcEhXm8a2E5pKEON0CFAwS3egemwwmQ8g0fpgPW1bq_QWTQ_88miGAlgqP6eLzG2oAR8tDFDabg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation: 1658389514760491
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWb0fjcvKcH%2BZzda0eo8%2BBMf4exL%2BLjIE1r5Bg0AMx3HSC%2BcquETYY9pLePC9rovDrl%2Bs6rkuOwLPOipcvh2uQNL6%2BYgolxrR7SZ7yBxzEPnNLvfNJtCxBwY4%2F1X%2BWxZO4yMQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 80c5595a8e3e3657-FRA
expires: Wed, 06 Sep 2023 05:19:51 GMT

POST
H2 400 beacon
beacon.tru.am/ 12 B
0 149ms
120ms Fetch
text/plain 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 25 Sep 2023 18:32:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
alt-svc: h3=":443"; ma=86400
content-length: 12
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COjdQa28rq5mxq%2Fvo5o%2BeJIGYj4aatLtSF3Su%2FXb61efF568dMbl9q99WUIFcdVWyVG8oXzjg%2BoJawF9R%2BAf%2FdTS6Yiydq41xJP4JyKsP0Ho%2B%2Fw1oKEILapiQ2NcfpL%2F7flppgKJUPX0O7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 80c5595b0e471e68-FRA
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
351 B 7ms
7ms Image
image/gif 2600:9000:2490:3e00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-2&v=1.0.1&browser=chrome&utime=1695666735507&url=https%3A%2F%2Few.com%2F&globalTI_SID=1d668d85-e7a2-4f73-8ddb-d72472ffc1e2&request_id=97ea355e-02c2-496b-962f-dbd5b182131f&optanon_consent=isIABGlobal%3Dfalse%26datestamp%3DMon%2BSep%2B25%2B2023%2B20%3A32%3A15%2BGMT%2B0200%2B(Central%2BEuropean%2BSummer%2BTime)%26version%3D6.31.0%26hosts%3D%26consentId%3D3ea30ff4-2acb-451b-9024-0ca07ffdb2d2%26interactionCount%3D0%26landingPath%3Dhttps%3A%2F%2Few.com%2F%26groups%3D1%3A1%2C2%3A0%2C3%3A0%2C4%3A0&gpc_enabled=no&compliance=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0&opt_in=no&gpc_utc_millis=1695673935000&gpc_iab_global=no&domain=ew
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 15:19:14 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 11585
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: mUpTTfGXZaQ7t4ULAVTQsLyTFTrgJGG6-V3nlpaS8tx0DgI3PkYtOQ==

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ew.com/	1970-01-21 00:37:06	Name: last_request_id Value:
ew.com/	1970-01-21 00:37:06	Name: request_id Value: d536a5ec-df52-4bbb-9808-d50ae1d56d56
ew.com/	1970-01-21 00:37:06	Name: previous_ts Value:
ew.com/	1970-01-21 00:37:06	Name: visit_ts Value: 1695666734880
ew.com/	1970-01-21 00:37:06	Name: pageview_count Value: 1
ew.com/	1970-01-21 00:37:06	Name: globalTI_SID Value: 1d668d85-e7a2-4f73-8ddb-d72472ffc1e2
ew.com/	1970-01-21 00:37:06	Name: muuid_date Value: 1695666734880
ew.com/	1970-01-21 00:37:06	Name: first_request_id Value: d536a5ec-df52-4bbb-9808-d50ae1d56d56
ew.com/	1970-01-21 00:37:06	Name: muuid_origin Value: ew.com
.ew.com/	1970-01-21 00:37:06	Name: globalTI_SID Value: 1d668d85-e7a2-4f73-8ddb-d72472ffc1e2
.ew.com/	1970-01-21 00:37:06	Name: muuid_date Value: 1695666734880
.ew.com/	1970-01-21 00:37:06	Name: last_request_id Value:
.ew.com/	1970-01-21 00:37:06	Name: visit_ts Value: 1695666734880
.ew.com/	1970-01-21 00:37:06	Name: previous_ts Value:
.ew.com/	1970-01-21 00:37:06	Name: first_request_id Value: d536a5ec-df52-4bbb-9808-d50ae1d56d56
.ew.com/	1970-01-21 00:37:06	Name: pageview_count Value: 1
.ew.com/	1970-01-21 00:37:06	Name: muuid_origin Value: ew.com
ew.com/	1970-01-20 15:01:07	Name: initial_referer Value:
ew.com/	1970-01-21 00:37:06	Name: muuid_source Value: SERVER
d9jj3mjthpub.cloudfront.net/	1970-01-21 00:37:06	Name: cross_site_muuid Value: 39672164-e56c-51d4-8ea7-c45b1b5444de
.ew.com/	1970-01-21 00:37:06	Name: _ga Value: GA1.2.1987073497.1695666735
.ew.com/	1970-01-20 15:02:33	Name: _gid Value: GA1.2.450518051.1695666735
.ew.com/	1970-01-20 15:01:06	Name: _gat_UA-97981691-4 Value: 1
ew.com/	1970-01-20 15:44:18	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ew.com/	1970-01-20 23:46:42	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Sep+25+2023+20%3A32%3A15+GMT%2B0200+(Central+European+Summer+Time)&version=6.31.0&hosts=&consentId=3ea30ff4-2acb-451b-9024-0ca07ffdb2d2&interactionCount=0&landingPath=https%3A%2F%2Few.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.criteo.com/	1970-01-21 00:22:42	Name: uid Value: 83b64559-4783-460a-9842-eddde65a8e6d
.openx.net/	1970-01-20 23:46:42	Name: i Value: 3e442234-0766-4eb0-b269-2227feaa11f3\|1695666735
.ew.com/	1970-01-21 00:22:42	Name: cto_bundle Value: BUzobF9CRUUxY3VnN3lQb1EzeHhzVUVUdnp3ZU9Tek5YZTclMkZCT3k2T0FVJTJCTnBVVVdSdk9yTjQyYUhtZTQ2UWMzOUxxc0JHSDM4TWVBd0k5WlZYMFNhczZ5MVRuWlQ2YSUyRkZXZDlBN1VhZ0d3M2FKJTJGQ1ZxVU5qRWZ0bzBmSld6OTA1QTVaUjNGM0YlMkY1ekpDNUcxcm41UG1pT0FRJTNEJTNE
.ew.com/	1970-01-21 00:22:42	Name: __gads Value: ID=776ddfdaca820c9f:T=1695666735:RT=1695666735:S=ALNI_MaHoOBO7WSHxNxkH8dB_GUmj2jblw
.ew.com/	1970-01-21 00:22:42	Name: __gpi Value: UID=00000cb0236044b5:T=1695666735:RT=1695666735:S=ALNI_MYwTSeyEHtPv4xFm37aEM9csMAuhg
.doubleclick.net/	1970-01-21 00:22:42	Name: IDE Value: AHWqTUnpWnN53RQ8OyS9f0x6g9xe7WMU9FvEs1BE5S92J3Ub2dgAzqLU33jLkgmodX0
.doubleclick.net/	1970-01-20 15:01:10	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:10:42	Name: ar_debug Value: 1
.ew.com/	1970-01-21 00:37:06	Name: _pnvl Value: false
.ew.com/	1970-01-21 00:37:06	Name: pushly.user_puuid Value: Vqj6YbOwRWyaRePsDbsV1Ok0Fkrb7zSO
.ew.com/	1970-01-21 00:37:06	Name: _pnss Value: none
.ew.com/	1970-01-21 00:37:06	Name: _pnxd Value: 1d668d85-e7a2-4f73-8ddb-d72472ffc1e2

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ew.com/element-api/content-proxy/sitewide-alert Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://beacon.tru.am/beacon Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

417c8b95adf632fabfc350c24584c1be.safeframe.googlesyndication.com
api.rlcdn.com
beacon.tru.am
c.amazon-adsystem.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.p-n.io
config.aps.amazon-adsystem.com
connect.facebook.net
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
entertainmentweekly.tv
ew.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id.sv.rkdms.com
imagesvc.meredithcorp.io
js-sec.indexww.com
karma.mdpcdn.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
platform.instagram.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tru.am
www.ew.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
104.18.24.18
104.77.32.87
13.32.110.78
151.101.2.137
172.217.18.2
178.250.7.13
18.66.112.6
2600:9000:218e:a600:19:bcbe:a700:21
2600:9000:223f:3800:d:2820:3bc0:93a1
2600:9000:2490:3e00:11:e0c9:84c0:21
2606:4700:20::681a:274
2606:4700:20::681a:374
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9d
2a02:2638:d::2
2a02:2638:d::d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f276:d2:face:b00c:0:43fe
2a03:2880:f276:e8:face:b00c:0:4420
3.224.77.213
3.33.139.32
34.102.146.192
34.120.133.55
34.120.135.53
34.98.64.218
52.222.162.13
52.223.40.198
54.163.238.217
99.86.4.106
99.86.4.30
99.86.4.71
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
085d6ba7339ea666ff702600ee3a21ab66c076c4b73485c2b5b0fd8b1a889a13
0e100b9ee7a9d1dab73a5faca955447c2fb5f676779c22d279279baef7f45733
0edcf872fc00babbaad61aba9f5b48a920878e3624bef173abe1f401fc5a4e54
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
1b3bf5c40c29bcfe5897a85f57f59803d6075f8ef3cece0e489ed50ee5e47bc3
1d099fe6f979e84fb319c3ae4851a34d54f373694a9098538259127e173a8052
1d3bed50505ec1558eb3b4f317247451e550f4b4e8a7e2d62517f5ea79efd6bd
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
271b7928be5f7f18e3ede76d139fc282b258c14b26d0ef05d4623d0cb859371b
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2cb1cc6968d4127ccc115422624fae0483e07a09dd659a8ceaf8116d342aad71
2d9d5eece457526daaa86628d0f7cdced3695a3c0ed22a8f0db5803313d0c68d
2e02bee0e07e55b5375ce1666aedda58acaa6adc8d86dcefbe8e7c491bf0e7ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
343922a4c188ce3849d2affe38b5a180e5b4399c06414ce7f31a6ee509a27907
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d50d1944838d555f42671e84af402e6c47441628b2f24239d909ba3bbd11470
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
3f0cad693d9385c07cee7020ab1c13c8b9a07f9889f78962ddef6a1e0e8723c6
42cd12e019f4fd57c8ab5295c4ef378d848951af185f533691f041c3ea716a23
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471aee0cc9a7fcc90a3eea0f9a48af7b4d1c08401900333cc83b817fed00cb87
476b653962effa1ef832a217293aa95fd3917bbb60c9b123c3de509b2475af5d
499b2d1ee0232cd6fcc108831993f1ab017657e12b08d9035ae0fd9f30db7ef3
4b89dd9becf14fdc796aa4720eef9413c016f8f756cde4861216e9a68d3914e5
4cb0a491cec5d828eb928b260296c07b0cfb8a61f8af735c0f973922d2f51c89
4f3c89045df2494896a4ffa1dd5f55b5d3b9a59712129716e1d6d5222f9663c7
4f90198e0054450e2f21f7ad14ee10874ef81a3bdb3685426ea131d2cd5244a4
54115125e4155c37563309762526d328d7547c99df09f4936e16770e3494b139
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54e4306d185443d80a16d22b64f3625cf7a725b065c57c8c78a81e4066de09c1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d71059500bb86d1797b3cd7ccfdd33320a058f13e26e431c6448fa608396ae0
5db23c1f4bb294496df9184dffd00fe2921b4e01934dbe523f771b56d1a1ec03
5e7832c690a4f840841b0824e3161d5e2fa5be3f5fc3067f789c570b78020030
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ce015138e5fdc7aa0a7b5d58db8bcd130876ae406ce0c8d07222c496a368b9
64021802710b9d2304a185271a09d0523841c339177d54eaab0117fe6d2cd38f
64acb9f9fdc64f50044a7e37b37f2c9420685eb13f23020a7e30db4d9e5e7bb5
6a3bbc562242456774b277ffb9e78c1fedebb5beeff78dbc51725f554abba454
6c51d9e01f5f9f10c6f34dfd65e574669ed4c2cc492a10292d5459393b31b968
6f5dc43b40a5359b61179439ae995f460d891405b3f034e8b5a9c1fe45fa6c6e
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
7163757ed6e9a3007662638d92ed95c15db5ba411809d3d58486c19548be68ba
719aacfe1c64dbce2ff16910cb939f0ab231244fa6b10e5c11ce261516f81d14
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
74c58ae0ebc8cc127da9cb010091abb8ccd647687df0b0964f35deb7b780c821
781231689f733ffd9e4234bebd13c969cf1d06caea5514fed06189c2e8e4c4a7
790e6f4074c1e2fab0f6be79582873f1186d0d64d7d39aef152beebd9da876a8
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7aeb82f5acfe68969d0f588f3f04d81c92d6a311a1c4d153eaac0ddb832d6bc8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82c614a7e3f1c6c0c0f6c2b055d5411843b7ac1cd546df04214e1a9add8b2544
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833af9d57e1e4468b210c18a333a85cc1e27a11f6fe32ca001aa3e7edf58e930
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85247f760ae49d90d39755c1e2fb1ad52ac01ea293b2d7752501b9c9a2e9989b
85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550
88694a79a8777f9dfd09a2e560155937b81c2beb88e67f1220bc7721701f641e
887f06fc01d48470756bd818c9d5ac08f826f1465e4c875019331e37524a30f6
8f2efb82c7b1151cc0e7b4f9f1ae7e0514b2ec680c78cf7974645efec21c745d
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
91d00b4a482150790cd4cbbe26e72cd3ed1d0ae6d970601fc82c406471763d44
93d192a031c69be44e45f709700850be648793329a5aa09f3265c6b924035489
93da7c460ff9ffa2689dd91b307fe231d1a552159fe2ff975c7354d3996b9ee3
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
9a0fa76974cd6d0a1a81e90af6f21257c66b2677af264e27345d0564a6db6bc3
9d0d29b00b052c8267397de4d785b6ca026cb877592d596c9505788ade57d585
a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3
a5804123644088b35ee13efd0ce8a1daeca966635c4cd274029686e833935c02
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b329113cd066f537e9e98cb4eca667ad610b0c3194ab2913a14253f45608284b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b74207b9e51e101b04e4b3b8f9949583de91b041301851a8fc696f1960f26a0d
b880bdfc7942ffe0e1546034cae16173a713d476c2fcb79cba3ca24c107da3fa
bd0a5b491b60787770b1b5faff2b03205b4f3ba9080a8a1eb5b6035bfe3fd8ae
c12c5de9ee0e73d6f0877a170e1a884ca1ea4976b98fc4b90432de5d650f0061
c21556ea6ad3e2af68fd534c145391ec5a2e187c42aeed11b2061a67c49db088
c217f630715e1f1f2951a67f33a749da2c10feaf73199179e5f1514dc3d44733
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
cab506cba3e86ef5f67d715442d3dd7701591ce151c3c725f9e991a2c0f7f060
cac3fc0dd2d787dd4eb7496d2d0ce7658a075fcb00df6ff96d2919de879242f5
d072b8452ce8e167beada5f4228f6328c7dcae49df1afe76ce151f2bbbdb3ef6
d0b8c5a3ad55a5491f92158429a32c4173b19fe1bae50920913ea178162ca7c0
d3b7a54941ebc2ed30095c77c68f710d813fc0a8a2ad9e6dc9e50849392c2a39
d5238399eec84b85c1eec58f82de8e989eed128839d4ada23bd908eb554c2bcc
d95a1a04a639bde0f699334b7c97f40ac87116b4658fb05c30b7463a40b3d251
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0cc2d2b191d09b3a7292f7382154f96c50899be37050b8a282fdff1cadd4ad0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b
e7cc08e44eea48fd361f90a696e7c0dfd47dfa0b8ea0c38d8552e2524571e387
ee772365ce777dde44e83cb4e94b94c51302a7c33b3126b0b2e602e901cd1c31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60e099fb003de4f8fcb9efab0d33e83b9d562fec8d6916416ed0357a9f5dc7f
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

ew.com Open in urlscan Pro 99.86.4.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

95 %HTTPS

61 %IPv6

33 Domains

49 Subdomains

47 IPs

5 Countries

2741 kBTransfer

8162 kBSize

37 Cookies

17 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ew.com Open in urlscan Pro
99.86.4.71 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

95 %
HTTPS

61 %
IPv6

33
Domains

49
Subdomains

47
IPs

5
Countries

2741 kB
Transfer

8162 kB
Size

37
Cookies

139 HTTP transactions
13 data transactions