mobilesource.global Open in urlscan Pro
52.29.208.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bettergift.top/
Effective URL:
https://mobilesource.global/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f?tid=_y_UTktViz_HsWxJ-U8MBN2_2tajCmAsS2fttJgncVJSw4tigGFsq...
Submission: On February 07 via manual (February 7th 2017, 6:17:37 pm UTC) from NL

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 21 domains to perform 48 HTTP transactions. The main IP is 52.29.208.110, located in Frankfurt, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is mobilesource.global.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 29th 2016. Valid for: 5 months.

This is the only time mobilesource.global was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.29.208.110 52.29.208.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	52.57.194.206 52.57.194.206	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.23.252.69 23.23.252.69	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	54.230.11.102 54.230.11.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	95.101.241.136 95.101.241.136	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.204.29.76 54.204.29.76	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	54.230.11.153 54.230.11.153	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.192.147.138 54.192.147.138	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	198.232.125.123 198.232.125.123	54104 (AS-NETDNA) (AS-NETDNA - netDNA)
8	151.101.112.249 151.101.112.249	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	52.94.216.48 52.94.216.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
5	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
48	18

3 52.29.208.110 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-208-110.eu-central-1.compute.amazonaws.com

mobilesource.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.194.206 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-194-206.eu-central-1.compute.amazonaws.com

clickpalace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.252.69 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-252-69.compute-1.amazonaws.com

winit.intouchweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.11.102 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-11-102.lhr3.r.cloudfront.net

dwobekpvy1lk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.241.136 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-241-136.deploy.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.29.76 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-204-29-76.compute-1.amazonaws.com

adg.bzgint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.11.153 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-11-153.lhr3.r.cloudfront.net

d27so4lebom4m9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.147.138 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-147-138.sfo4.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.220 (Pasadena, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

ox-d.bauer.servedbyopenx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.232.125.123 (Los Angeles, United States)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 123-125-232-198.static.unitasglobal.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.112.249 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

twinit-images.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.216.48 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	fastly.net twinit-images.global.ssl.fastly.net	245 KB
5	gstatic.com fonts.gstatic.com	136 KB
4	cloudfront.net dwobekpvy1lk.cloudfront.net d27so4lebom4m9.cloudfront.net d1fc8wv8zag5ca.cloudfront.net Failed d2lv4zbk7v5f93.cloudfront.net Failed duaych6b74qkm.cloudfront.net Failed	255 KB
4	clickpalace.com clickpalace.com Failed	288 B
3	mobilesource.global mobilesource.global	22 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com aax.amazon-adsystem.com	4 KB
1	google-analytics.com www.google-analytics.com	11 KB
1	googletagservices.com www.googletagservices.com	1 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	servedbyopenx.com ox-d.bauer.servedbyopenx.com	33 KB
1	bzgint.com adg.bzgint.com	12 KB
1	optimizely.com cdn.optimizely.com 4665260873.log.optimizely.com Failed	64 KB
1	intouchweekly.com winit.intouchweekly.com Failed	7 KB
0	scorecardresearch.com Failed b.scorecardresearch.com Failed
0	vupulse.com Failed vupulse.com Failed
0	facebook.net Failed connect.facebook.net Failed
0	postrelease.com Failed a.postrelease.com Failed
0	taboola.com Failed cdn.taboola.com Failed
0	doubleclick.net Failed securepubads.g.doubleclick.net Failed
48	21

	Domain	Requested by
8	twinit-images.global.ssl.fastly.net	winit.intouchweekly.com
5	fonts.gstatic.com	winit.intouchweekly.com dwobekpvy1lk.cloudfront.net
4	clickpalace.com	clickpalace.com
3	d27so4lebom4m9.cloudfront.net	winit.intouchweekly.com
3	mobilesource.global	mobilesource.global
2	fonts.googleapis.com	winit.intouchweekly.com
1	www.google-analytics.com	winit.intouchweekly.com
1	www.googletagservices.com	winit.intouchweekly.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	www.googletagmanager.com	winit.intouchweekly.com
1	maxcdn.bootstrapcdn.com	winit.intouchweekly.com
1	ox-d.bauer.servedbyopenx.com	winit.intouchweekly.com
1	c.amazon-adsystem.com	winit.intouchweekly.com
1	adg.bzgint.com	winit.intouchweekly.com
1	cdn.optimizely.com	winit.intouchweekly.com
1	dwobekpvy1lk.cloudfront.net	winit.intouchweekly.com
1	winit.intouchweekly.com
0	b.scorecardresearch.com Failed	mobilesource.global
0	vupulse.com Failed	www.googletagmanager.com
0	duaych6b74qkm.cloudfront.net Failed	mobilesource.global
0	connect.facebook.net Failed	mobilesource.global
0	a.postrelease.com Failed	www.googletagmanager.com
0	d2lv4zbk7v5f93.cloudfront.net Failed	www.googletagmanager.com
0	d1fc8wv8zag5ca.cloudfront.net Failed	mobilesource.global
0	cdn.taboola.com Failed	www.googletagmanager.com
0	securepubads.g.doubleclick.net Failed	www.googletagservices.com
0	4665260873.log.optimizely.com Failed	cdn.optimizely.com
48	27

This site contains no links.

Subject Issuer	Validity	Valid
COMODO RSA Domain Validation Secure Server CA	`2016-09-29` - `2017-02-22`	5 months	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
*.bootstrapcdn.com RapidSSL SHA256 CA	`2016-10-13` - `2017-10-13`	a year	crt.sh
a.ssl.fastly.net DigiCert SHA2 High Assurance Server CA	`2014-12-08` - `2018-02-06`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh
*.google.com Google Internet Authority G2	`2017-01-25` - `2017-04-19`	3 months	crt.sh

This page contains 3 frames:

Frame: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/
Frame ID: 30833.1
Requests: 4 HTTP requests in this frame

Frame: http://winit.intouchweekly.com/sweepstakes/p/2
Frame ID: 30882.1
Requests: 5 HTTP requests in this frame

Frame: http://winit.intouchweekly.com/sweepstakes/p/2
Frame ID: 30892.1
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

48
Requests

42 %
HTTPS

29 %
IPv6

21
Domains

27
Subdomains

18
IPs

4
Countries

826 kB
Transfer

1679 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 32

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set 10c0ad62-849f-11e6-93c9-0279a6a6ea5f Show response
mobilesource.global/c/
Redirect Chain

http://c.workwithtrky.com/?a=3655&c=8310&p=r&E=O1QTYqBRCI0%3d&s1=
https://mobilesource.global/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f?tid=_y_UTktViz_HsWxJ-U8MBN2_2tajCmAsS2fttJgncVJSw4tigGFsqE31zQU7O3MPaDAIbN6z1kYy92VNltj7X-oE-PYlEu_YSfcyePpFwN36vyJ4tukyjoI-VwCP6I...

21 KB
21 KB

38ms
11ms

Document
text/html

52.29.208.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mobilesource.global/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f?tid=_y_UTktViz_HsWxJ-U8MBN2_2tajCmAsS2fttJgncVJSw4tigGFsqE31zQU7O3MPaDAIbN6z1kYy92VNltj7X-oE-PYlEu_YSfcyePpFwN36vyJ4tukyjoI-VwCP6IYKJ0b4x0lVlib7COlBX-fNo7_DW7B5zYaBMBnw6zw6AnG90h_KeZkUeqTeZgEaEyXeiagGjsbN8GewX6oRcrgDMQ&affid=3655
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.208.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-208-110.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: b44a2638b8f8f2ef476899ba840b3bc86163c61fb50f2272cf81b8cb33830afd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: mobilesource.global
Cache-Control: no-cache
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Vary: Accept-Encoding
X-Client-Addr: 148.251.45.170
Server: nginx/1.10.2
Set-Cookie: _s=b019cd22-ed61-11e6-910b-01413dc51ad3; expires=Fri, 17-Feb-2017 18:17:30 GMT; Max-Age=864000; path=/; HttpOnly
Connection: keep-alive
Date: Tue, 07 Feb 2017 18:17:30 GMT
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache

Redirect headers

Set-Cookie: .sess=wdyxgpgf4penqnvkkmvwdlhi; path=/; HttpOnly .sess=wdyxgpgf4penqnvkkmvwdlhi; path=/; HttpOnly x22317=/y/UTktViz/HsWxJ+U8MBN2/2tajCmAsoMHRoP6pxlxGZ9fZUckRzDY8o3GyafNR/LH+Ut7hkgFSybi7PXqWrCIUCjHO411HnyaIzpJPKn2fGM7iHiIEzbrLxQmMAzvHSuIBe3sV+IERiwisi8XJDfhgbDtfwsd/FmfwzPJ5y2wEOXH4z8IaG7l1WtC+za6bV2Wmg7RCf2vnIltM5y6uR1gRXwGkroK49QCn+0TQq3kMocR5Nk0L0MJr5GwTiGn29BSrymtGSQEYsw3vXzGhKX+uA+HAWxESIeyrIwMS2aPtBhuW2AO7gJsV9YtxBhGUpXQqGNk8V6KSTQb1OVSDw+x00MF0euOIgULAMhpTWxgKAlcdMAqBI92+NJhyLdNrW414Xi5QYhDc8MZTxds4qk6wvtCTXqd+JCq1D5neiL6Sui7XmpqMiQ==; domain=.workwithtrky.com; expires=Thu, 09-Mar-2017 18:17:30 GMT; path=/; HttpOnly
Content-Length: 417
Date: Tue, 07 Feb 2017 18:17:29 GMT
X-AspNet-Version: 4.0.30319
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html; charset=utf-8
Location: https://mobilesource.global/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f?tid=_y_UTktViz_HsWxJ-U8MBN2_2tajCmAsS2fttJgncVJSw4tigGFsqE31zQU7O3MPaDAIbN6z1kYy92VNltj7X-oE-PYlEu_YSfcyePpFwN36vyJ4tukyjoI-VwCP6IYKJ0b4x0lVlib7COlBX-fNo7_DW7B5zYaBMBnw6zw6AnG90h_KeZkUeqTeZgEaEyXeiagGjsbN8GewX6oRcrgDMQ&affid=3655
Cache-Control: private

GET
H/1.1 404
Not Found favicon.ico
mobilesource.global/ 571 B
571 B 10ms
10ms Other
text/html 52.29.208.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mobilesource.global/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.208.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-208-110.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: 206f42d520769f5a05fa12453b0f4d567026fbe55bde8620043bef201b7f9540

Request headers

Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: mobilesource.global
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cookie: _s=b019cd22-ed61-11e6-910b-01413dc51ad3
Connection: keep-alive
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: text/html
Date: Tue, 07 Feb 2017 18:17:30 GMT
Server: nginx/1.10.2
Connection: keep-alive
Content-Length: 571

GET
H/1.1 200
OK / Show response
mobilesource.global/v/b019e7a8-ed61-11e6-8c57-01413dc51a1b/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f/ 0
0 19ms
19ms Document
text/html 52.29.208.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mobilesource.global/v/b019e7a8-ed61-11e6-8c57-01413dc51a1b/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f/?tid=_y_UTktViz_HsWxJ-U8MBN2_2tajCmAsS2fttJgncVJSw4tigGFsqE31zQU7O3MPaDAIbN6z1kYy92VNltj7X-oE-PYlEu_YSfcyePpFwN36vyJ4tukyjoI-VwCP6IYKJ0b4x0lVlib7COlBX-fNo7_DW7B5zYaBMBnw6zw6AnG90h_KeZkUeqTeZgEaEyXeiagGjsbN8GewX6oRcrgDMQ&affid=3655&_i=1&_s=b019cd22-ed61-11e6-910b-01413dc51ad3&_r=&_d=5|0|0|0|1|1|||1600x1200||1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|96|0|24d2b599f23ac65c9803a114f946394d|8ee85fb71eed958d1e29aee167a98f25|a8676bdbad87858c2cf7ebda79feaeae|lum0y,6nq96o,0|en,en-US|Linux%20x86_64|04374be8dcbb62e89cf89596d2601e4d|20030107|5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/56.0.2924.87%20Safari/537.36|0|8|148.251.45.170|2a01:4f8:202:a9::2|1|0||||nowebgl
Requested by: Host: mobilesource.global
URL: https://mobilesource.global/c/10c0ad62-849f-11e6-93c9-0279a6a6ea5f?tid=_y_UTktViz_HsWxJ-U8MBN2_2tajCmAsS2fttJgncVJSw4tigGFsqE31zQU7O3MPaDAIbN6z1kYy92VNltj7X-oE-PYlEu_YSfcyePpFwN36vyJ4tukyjoI-VwCP6IYKJ0b4x0lVlib7COlBX-fNo7_DW7B5zYaBMBnw6zw6AnG90h_KeZkUeqTeZgEaEyXeiagGjsbN8GewX6oRcrgDMQ&affid=3655
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.29.208.110 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-208-110.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: no-cache
Cookie: _s=b019cd22-ed61-11e6-910b-01413dc51ad3
Pragma: no-cache
Host: mobilesource.global
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Client-Addr: 148.251.45.170
Content-Type: text/html;charset=utf-8
Cache-Control: no-cache
Date: Tue, 07 Feb 2017 18:17:30 GMT
Vary: Accept-Encoding
Refresh: 0;url=http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/
Connection: keep-alive
Transfer-Encoding: chunked
Server: nginx/1.10.2

GET /
clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/ 0
0

GET
H/1.1 200
OK / Show response
clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/ Frame 3088 480 B
288 B 364ms
11ms Document
text/html 52.57.194.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/
Protocol: HTTP/1.1
Server: 52.57.194.206 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-194-206.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b850721e81e4ecf64aeac25f5b2e89e26211bdc8e704fbbbd47810fbedc25258

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Host: clickpalace.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 288
Date: Tue, 07 Feb 2017 18:17:30 GMT
X-Client-Addr: 148.251.45.170
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/1/ Frame 3088 0
0 17ms
10ms Document
text/html 52.57.194.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/1/
Requested by: Host: clickpalace.com
URL: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/
Protocol: HTTP/1.1
Server: 52.57.194.206 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-194-206.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: clickpalace.com
Accept-Language: en-US,en;q=0.8
Connection: keep-alive
Pragma: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Client-Addr: 148.251.45.170
Connection: keep-alive
Cache-Control: no-cache
Refresh: 0;url=http://winit.intouchweekly.com/sweepstakes/p/2
Content-Length: 20
Date: Tue, 07 Feb 2017 18:17:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html;charset=utf-8

GET
H/1.1 204
No Content favicon.ico
clickpalace.com/ Frame 3088 0
0 7ms
6ms Other
text/plain 52.57.194.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://clickpalace.com/favicon.ico
Protocol: HTTP/1.1
Server: 52.57.194.206 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-194-206.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: clickpalace.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 07 Feb 2017 18:17:30 GMT
Server: nginx

GET 2
winit.intouchweekly.com/sweepstakes/p/ Frame 3088 0
0

GET
H/1.1 204
No Content favicon.ico
clickpalace.com/ Frame 3088 0
0 7ms
6ms Other
text/plain 52.57.194.206
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://clickpalace.com/favicon.ico
Protocol: HTTP/1.1
Server: 52.57.194.206 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-194-206.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Host: clickpalace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Referer: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/1/
Connection: keep-alive
Referer: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/1/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 07 Feb 2017 18:17:30 GMT
Server: nginx

GET
H/1.1 200
OK Cookie set 2 Show response
winit.intouchweekly.com/sweepstakes/p/ Frame 3089 27 KB
7 KB 744ms
298ms Document
text/html 23.23.252.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Server

23.23.252.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-23-23-252-69.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

2d357e8cfcd17de8b63796d836057f8eb5e65e4ddf17a02405fb9eb9ff83815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/1/
Connection: keep-alive
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: winit.intouchweekly.com
Accept-Language: en-US,en;q=0.8
Pragma: no-cache
Upgrade-Insecure-Requests: 1
Upgrade-Insecure-Requests: 1
Referer: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/1/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Request-Id: 9f05dc60-44ca-4f53-b714-6fd040ed6aec
X-Runtime: 0.188964
Date: Tue, 07 Feb 2017 18:17:31 GMT
Content-Encoding: gzip
Etag: "0955212b097d35a5245100f63d062986"
Set-Cookie: referer=http%3A%2F%2Fclickpalace.com%2Fr%2Fb02db22e-ed61-11e6-901c-11419a1ee36e%2F1%2F; path=/; expires=Sat, 07 Feb 2037 18:17:31 -0000 visitor_uuid=1f41430f-e4eb-4ffc-a0d5-02c419228680; path=/; expires=Sat, 07 Feb 2037 18:17:31 -0000 _session_id=e0cb55f963f57282248eec8ab08d461f; path=/; expires=Tue, 07 Feb 2017 18:47:31 -0000; HttpOnly
X-Rack-Cors: preflight-hit; no-origin
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Server: Cowboy
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
X-Frame-Options: ALLOWALL
Via: 1.1 vegur

GET
H/1.1 200
OK global19.js Show response
dwobekpvy1lk.cloudfront.net/assets/ Frame 3089 109 KB
43 KB 56ms
25ms Script
application/x-javascript 54.230.11.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dwobekpvy1lk.cloudfront.net/assets/global19.js
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 54.230.11.102 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-11-102.lhr3.r.cloudfront.net
Software: nginx /
Resource Hash: 32af5497576c76a8a52025156278dddac01ef10e610fd83d724ed237d905ae57

Request headers

Pragma: no-cache
Accept-Language: en-US,en;q=0.8
Accept-Encoding: gzip, deflate, sdch
Host: dwobekpvy1lk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Fri, 01 Jan 2027 18:25:43 GMT
Last-Modified: Tue, 03 Jan 2017 16:02:30 GMT
Server: nginx
Transfer-Encoding: chunked
Via: 1.1 0742a501f4d29312ad9cbc7b7bf143c7.cloudfront.net (CloudFront)
Content-Type: application/x-javascript
X-Amz-Cf-Id: H6pgvFWJOLs-TOm9K3HLwf2T5mM_sRSHSmXr4i9G_xucCjrXi9lUJQ==
Date: Tue, 03 Jan 2017 18:25:43 GMT
Content-Encoding: gzip
Age: 3023508
X-Cache: Hit from cloudfront

GET
H/1.1 200
OK Cookie set 4665260873.js Show response
cdn.optimizely.com/js/ Frame 3089 193 KB
64 KB 134ms
127ms Script
text/javascript 95.101.241.136
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.optimizely.com/js/4665260873.js
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 95.101.241.136 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-101-241-136.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 397603cd112e5aa4762626da63f973f7e2d2da8eb5bfa88136476c51d65c46d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Accept: */*
Connection: keep-alive
Cache-Control: no-cache
Host: cdn.optimizely.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified: Tue, 07 Feb 2017 18:11:29 GMT
Cache-Control: max-age=126
x-amz-id-2: Yx/o6mMS4PFA7uTGivPHByIgY1XHOGeN5CGfeGc+4YGJzz+EKt9N/6HlsEl1uBoENb107ZcLJE8=
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Timing-Allow-Origin: *
Content-Encoding: gzip
x-amz-request-id: 3AB7543D1644EDCE
x-amz-meta-revision: 407
Content-Length: 65944
ETag: "30726f74975ad6e62c75ec3bc2102f8d"
Content-Type: text/javascript
Set-Cookie: cdn=http%3a%2f%2fakamai%3adsd%40cdn.optimizely.com%2fjs%2f4665260873.js; path=/; domain=.optimizely.com
x-amz-version-id: K4PkZk0S78LHlSPpHvDePsi_UHfcCzf5
Date: Tue, 07 Feb 2017 18:17:31 GMT
Connection: keep-alive

GET
H/1.1 200
OK data.js
adg.bzgint.com/pub/adg/ Frame 3089 40 KB
12 KB 328ms
100ms Script
application/x-javascript 54.204.29.76
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://adg.bzgint.com/pub/adg/data.js
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 54.204.29.76 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-204-29-76.compute-1.amazonaws.com
Software: nginx/0.8.55 /
Resource Hash

Request headers

Accept: */*
Cache-Control: no-cache
Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Host: adg.bzgint.com
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: application/x-javascript
Cache-Control: no-cache, no-store
Connection: keep-alive
Date: Tue, 07 Feb 2017 18:17:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2017 21:22:04 GMT
Server: nginx/0.8.55
transfer-encoding: chunked

GET
H/1.1 200
OK intouchweekly-7a045a6d7a6859096cbc339d4baf2e5f.css
d27so4lebom4m9.cloudfront.net/assets/themes/gimlet/custom_color/ Frame 3089 175 KB
61 KB 52ms
22ms Stylesheet
text/css 54.230.11.153
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d27so4lebom4m9.cloudfront.net/assets/themes/gimlet/custom_color/intouchweekly-7a045a6d7a6859096cbc339d4baf2e5f.css
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 54.230.11.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-11-153.lhr3.r.cloudfront.net
Software: Cowboy /
Resource Hash: ba4ac0381a2b40c3dc8da347004eaed3740e427297262622e279bc1bbcf8a294

Request headers

Host: d27so4lebom4m9.cloudfront.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Cache-Control: no-cache
Pragma: no-cache
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 62022
X-Amz-Cf-Id: ZkySN-Pw4j041pYMV4ZF2dNKQ_VOGQFnzRoCRjl8VQEQhJ8xJxeQhA==
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Via: 1.1 vegur, 1.1 7cddfedd82c4e2198668a64be4934fd0.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Cache: Hit from cloudfront
X-Rack-Cors: preflight-hit; no-origin
Server: Cowboy
Date: Wed, 01 Feb 2017 18:03:25 GMT
Last-Modified: Wed, 01 Feb 2017 18:00:58 GMT
Age: 519246
Content-Type: text/css

GET
H/1.1 200
OK gimlet-3731bbddfab59c7c87e98328e957db90.js Show response
d27so4lebom4m9.cloudfront.net/assets/themes/ Frame 3089 455 KB
148 KB 59ms
28ms Script
application/javascript 54.230.11.153
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d27so4lebom4m9.cloudfront.net/assets/themes/gimlet-3731bbddfab59c7c87e98328e957db90.js
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 54.230.11.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-11-153.lhr3.r.cloudfront.net
Software: Cowboy /
Resource Hash: 15bd996b318b538481e5ca9c86749c2cc6a6cfc294cc71ec8742abbbbda5e49f

Request headers

Pragma: no-cache
Host: d27so4lebom4m9.cloudfront.net
Accept: */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Cache-Control: no-cache
Origin: http://winit.intouchweekly.com
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Origin: http://winit.intouchweekly.com

Response headers

Content-Length: 151994
Server: Cowboy
Cache-Control: public, max-age=604800
X-Amz-Cf-Id: XPX2qWAclSAN9CE8J6WsQkaacyH_oDIti3iJOwnfpFEIqofx5eapQw==
X-Cache: Hit from cloudfront
Last-Modified: Wed, 01 Feb 2017 18:00:42 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: http://winit.intouchweekly.com
Vary: Accept-Encoding,Origin
Date: Wed, 01 Feb 2017 18:04:02 GMT
Age: 519209
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
Content-Type: application/javascript
Via: 1.1 vegur, 1.1 dfe1547939a6120ba27e5efece823c7a.cloudfront.net (CloudFront)
Access-Control-Allow-Credentials: true
X-Rack-Cors: hit

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ Frame 3089 12 KB
4 KB 334ms
167ms Script
application/javascript 54.192.147.138
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 54.192.147.138 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-147-138.sfo4.r.cloudfront.net
Software: Server /
Resource Hash: 27f25c888119f962d5c4d62520e855b038a9869cfc20218b78f15f99d5edc582

Request headers

Accept: */*
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept-Language: en-US,en;q=0.8
Pragma: no-cache
Host: c.amazon-adsystem.com
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: application/javascript
Cache-Control: public, max-age=86400
Content-Length: 4000
Age: 85203
ETag: 2f134a489e088a2bded6767f4ea8e270
Server: Server
X-Cache: Hit from cloudfront
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-Amz-Cf-Id: LS4aCr4qQJiTsGevZ-H3FkWJjAX88TKgaHIz157BayJI7IajhwM7VA==
Date: Sat, 04 Feb 2017 18:37:27 GMT
Via: 1.1 939ea9d62ec616846d41b16cea0dc65b.cloudfront.net (CloudFront)

GET
H/1.1 200
OK jstag Show response
ox-d.bauer.servedbyopenx.com/w/1.0/ Frame 3089 97 KB
33 KB 44ms
19ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://ox-d.bauer.servedbyopenx.com/w/1.0/jstag?nc=62726647-itw
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 173.241.240.220 Pasadena, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/11.44.6 /
Resource Hash: 3bf4ad1674a3115c41fe53d6e98e1cf82ae03f2ec6315aeccef656319140bffb

Request headers

Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Accept: */*
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Cache-Control: no-cache
Pragma: no-cache
Host: ox-d.bauer.servedbyopenx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Connection: keep-alive
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Expires: Tue, 07 Feb 2017 19:17:31 GMT
Server: OXGW/11.44.6
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: max-age=3600
Content-Length: 34140
Date: Tue, 07 Feb 2017 18:17:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame 3089 2 KB
458 B 57ms
27ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

7d9282b785bd4dcf02b8b325858b23dfd50ceada043cd1bfadb616f75e703861

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css?family=Lato:400,700,300&subset=latin,latin-ext
pragma: no-cache
cache-control: no-cache
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: text/css,*/*;q=0.1
:authority: fonts.googleapis.com
referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2

Response headers

last-modified: Tue, 07 Feb 2017 18:17:31 GMT
status: 200
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
expires: Tue, 07 Feb 2017 18:17:31 GMT
content-encoding: br
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
date: Tue, 07 Feb 2017 18:17:31 GMT
cache-control: private, max-age=86400, stale-while-revalidate=604800
server: ESF
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ Frame 3089 26 KB
7 KB 73ms
22ms Stylesheet
text/css 198.232.125.123
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.232.125.123 Los Angeles, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS: 123-125-232-198.static.unitasglobal.net
Software: NetDNA-cache/2.2 /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

referer: http://winit.intouchweekly.com/sweepstakes/p/2
pragma: no-cache
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
cache-control: no-cache
:authority: maxcdn.bootstrapcdn.com
:path: /font-awesome/4.4.0/css/font-awesome.min.css
accept-encoding: gzip, deflate, sdch, br
accept: text/css,*/*;q=0.1
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2

Response headers

content-type: text/css
expires: Fri, 02 Feb 2018 18:17:31 GMT
date: Tue, 07 Feb 2017 18:17:31 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=31104000
content-encoding: gzip
last-modified: Tue, 28 Jul 2015 22:47:56 GMT
x-hello-human: Say hello back! @getBootstrapCDN on Twitter

GET
H/1.1 200
OK intouch-logolg.png
twinit-images.global.ssl.fastly.net/uploads/site/primary_logo/14/ Frame 3089 5 KB
5 KB 26ms
6ms Image
image/png 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/site/primary_logo/14/intouch-logolg.png?crop=&fit=

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

4dd27c5be0f654951db40f4ced0192b9af5646c12912b2cf20e4a8386a6a6bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Host: twinit-images.global.ssl.fastly.net
Accept-Language: en-US,en;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Served-By: cache-hhn1541-HHN
Last-Modified: Fri, 09 Dec 2016 0:30:05 GMT
X-Timer: S1486491452.399443,VS0,VE0
Date: Tue, 07 Feb 2017 18:17:32 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Cache-Control: max-age=315360000
Via: 1.1 varnish
Age: 5248046
Accept-Ranges: bytes
X-Cache-Hits: 1
X-Imgix-Content-DPR: 1
X-Cache: HIT
Content-Length: 5117
Server: imgix-fe
Content-Type: image/png

GET
H/1.1 200
OK sweepon_secondary_logo-9506758e7c16fcce2bd320b394573815.png
d27so4lebom4m9.cloudfront.net/assets/themes/gimlet/ Frame 3089 3 KB
3 KB 19ms
18ms Image
image/png 54.230.11.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d27so4lebom4m9.cloudfront.net/assets/themes/gimlet/sweepon_secondary_logo-9506758e7c16fcce2bd320b394573815.png
Requested by: Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2
Protocol: HTTP/1.1
Server: 54.230.11.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-11-153.lhr3.r.cloudfront.net
Software: Cowboy /
Resource Hash: 8ee41587fa93144003113603e4e4c9cbe188a580d0954e0256216d4c92ec2aa7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: d27so4lebom4m9.cloudfront.net
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Cache-Control: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Connection: keep-alive
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Rack-Cors: preflight-hit; no-origin
Date: Tue, 03 Jan 2017 18:25:52 GMT
Via: 1.1 vegur, 1.1 7cddfedd82c4e2198668a64be4934fd0.cloudfront.net (CloudFront)
Last-Modified: Tue, 09 Feb 2016 17:17:45 GMT
Age: 277261
Cache-Control: public, max-age=604800, no-transform
Content-Length: 3134
Server: Cowboy
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Id: ugaM6LESqguuPQjdAS9sTeCX_LOMv_fVBpP4rXJfuOt-6RSF4JcpRA==

GET
H2 200 css
fonts.googleapis.com/ Frame 3089 6 KB
836 B 53ms
23ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

0e9a1d470463018df0dcb5997be539fc310fb8498a82c4e28cf29776a4c512e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: text/css,*/*;q=0.1
referer: http://winit.intouchweekly.com/sweepstakes/p/2
x-client-data: CIi2yQEIpLbJAQ==
:path: /css?family=Ubuntu:400,500,700
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
:method: GET
cache-control: no-cache
:authority: fonts.googleapis.com
:scheme: https
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

last-modified: Tue, 07 Feb 2017 18:17:31 GMT
x-frame-options: SAMEORIGIN
status: 200
timing-allow-origin: *
date: Tue, 07 Feb 2017 18:17:31 GMT
content-encoding: br
x-xss-protection: 1; mode=block
server: ESF
content-type: text/css; charset=utf-8
expires: Tue, 07 Feb 2017 18:17:31 GMT
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
alt-svc: quic=":443"; ma=2592000; v="35,34"

GET
H/1.1 200
OK 350-visa-kernel.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19728/ Frame 3089 25 KB
25 KB 26ms
6ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19728/350-visa-kernel.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

738c9a270f2c9498160cda26d8f51ed307d372da6a8fe4a20e363be5066deac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: twinit-images.global.ssl.fastly.net
Cache-Control: no-cache
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Imgix-Content-DPR: 1
X-Content-Type-Options: nosniff
Server: imgix-fe
Cache-Control: max-age=315360000
X-Cache: HIT
Age: 517994
Connection: keep-alive
Content-Length: 25374
X-Served-By: cache-hhn1528-HHN
Accept-Ranges: bytes
X-Cache-Hits: 1
Date: Tue, 07 Feb 2017 18:17:32 GMT
Via: 1.1 varnish
Last-Modified: Wed, 01 Feb 2017 18:24:18 GMT
X-Timer: S1486491452.400968,VS0,VE0
Content-Type: image/jpeg

GET
H/1.1 200
OK girl-on-the-train-giveaway-1.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19459/ Frame 3089 45 KB
45 KB 27ms
7ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19459/girl-on-the-train-giveaway-1.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

717fe621b216970bfd0a7a2516cdbe5bf0b385f5a24b95a7e9e822e8f11620cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Encoding: gzip, deflate, sdch, br
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Host: twinit-images.global.ssl.fastly.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Server: imgix-fe
Content-Type: image/jpeg
X-Cache-Hits: 1
Date: Tue, 07 Feb 2017 18:17:32 GMT
Via: 1.1 varnish
Last-Modified: Wed, 18 Jan 2017 5:03:09 GMT
X-Imgix-Content-DPR: 1
Age: 1775663
Content-Length: 46018
X-Served-By: cache-hhn1545-HHN
X-Timer: S1486491452.401318,VS0,VE0
Cache-Control: max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK fandangonow-image.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19676/ Frame 3089 31 KB
31 KB 26ms
6ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19676/fandangonow-image.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

e7128f993c746ca6da462b9f76ab4187f1ba5d3b5c9d67e30e68fbd77dbed403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Encoding: gzip, deflate, sdch, br
Host: twinit-images.global.ssl.fastly.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Pragma: no-cache
Connection: keep-alive
Cache-Control: no-cache
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified: Fri, 03 Feb 2017 2:33:34 GMT
Date: Tue, 07 Feb 2017 18:17:32 GMT
X-Served-By: cache-hhn1548-HHN
X-Timer: S1486491452.401526,VS0,VE0
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
Content-Length: 32103
Connection: keep-alive
Server: imgix-fe
Via: 1.1 varnish
Age: 402237
X-Cache-Hits: 1
X-Imgix-Content-DPR: 1
X-Cache: HIT

GET
H/1.1 200
OK wonder-crew-target-womansworld-giveaway-2.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19555/ Frame 3089 31 KB
31 KB 26ms
6ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19555/wonder-crew-target-womansworld-giveaway-2.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

acfee03be008d3df5993bcd24c0a94f7ff40c4044e7833fec2b6f643cfa292a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: twinit-images.global.ssl.fastly.net
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Cache: HIT
Last-Modified: Fri, 20 Jan 2017 16:44:25 GMT
Server: imgix-fe
Content-Type: image/jpeg
Cache-Control: max-age=315360000
X-Imgix-Content-DPR: 1
X-Served-By: cache-hhn1540-HHN
Via: 1.1 varnish
Connection: keep-alive
X-Cache-Hits: 1
X-Content-Type-Options: nosniff
Age: 1560786
Content-Length: 31430
X-Timer: S1486491452.401001,VS0,VE0
Accept-Ranges: bytes
Date: Tue, 07 Feb 2017 18:17:32 GMT

GET
H/1.1 200
OK singin-in-the-rain.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19618/ Frame 3089 38 KB
38 KB 26ms
7ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19618/singin-in-the-rain.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

70f44a6206fba25fc51156b8c36d02f75327ca8a9001bd8b6c1b097fddab0801

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch, br
Host: twinit-images.global.ssl.fastly.net
Cache-Control: no-cache
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type: image/jpeg
X-Imgix-Content-DPR: 1
Via: 1.1 varnish
X-Cache: HIT
X-Timer: S1486491452.399901,VS0,VE0
X-Content-Type-Options: nosniff
X-Served-By: cache-hhn1536-HHN
Last-Modified: Wed, 01 Feb 2017 12:40:39 GMT
Server: imgix-fe
Date: Tue, 07 Feb 2017 18:17:32 GMT
Age: 538612
Cache-Control: max-age=315360000
X-Cache-Hits: 1
Connection: keep-alive
Content-Length: 38561
Accept-Ranges: bytes

GET
H/1.1 200
OK motorola-phone-vday-giveaway.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19384/ Frame 3089 28 KB
28 KB 20ms
7ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19384/motorola-phone-vday-giveaway.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

72b9969818642ba84efa144e9ac45ab001fb4b6e8cc1d04d2969bf7a97eba94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Encoding: gzip, deflate, sdch, br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Pragma: no-cache
Host: twinit-images.global.ssl.fastly.net
Accept-Language: en-US,en;q=0.8
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Server: imgix-fe
X-Imgix-Content-DPR: 1
X-Cache: HIT
Connection: keep-alive
Content-Length: 29100
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Date: Tue, 07 Feb 2017 18:17:32 GMT
Age: 1762704
X-Served-By: cache-hhn1528-HHN
Last-Modified: Wed, 18 Jan 2017 8:39:07 GMT
X-Timer: S1486491452.413703,VS0,VE0
Content-Type: image/jpeg
X-Cache-Hits: 1
Via: 1.1 varnish
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK snowden-ipad-mini-giveaway-1.jpg
twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19084/ Frame 3089 43 KB
43 KB 15ms
7ms Image
image/jpeg 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twinit-images.global.ssl.fastly.net/uploads/drawing_photo/photo/19084/snowden-ipad-mini-giveaway-1.jpg?crop=&fit=crop&h=300&w=400

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

imgix-fe /

Resource Hash

42c3461dfe074747096bce638051b6788f025a97422cc560d1fc0c081fe9cbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: image/webp,image/*,*/*;q=0.8
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Cache-Control: no-cache
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: twinit-images.global.ssl.fastly.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

X-Cache: HIT
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2017 19:12:18 GMT
X-Timer: S1486491452.408560,VS0,VE0
X-Imgix-Content-DPR: 1
Via: 1.1 varnish
Age: 169514
X-Served-By: cache-hhn1541-HHN
Server: imgix-fe
Content-Type: image/jpeg
Date: Tue, 07 Feb 2017 18:17:32 GMT
Content-Length: 43611
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
Cache-Control: max-age=315360000
X-Cache-Hits: 1

GET
H/1.1 200
OK gtm.js Show response
www.googletagmanager.com/ Frame 3089 66 KB
25 KB 28ms
21ms Script
application/javascript 2a00:1450:4001:821::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtm.js?id=GTM-KDGTQK

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

405244525a73e4358864cc271e5505df25945974c19102bd3933f84204ae5c00

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Cache-Control: no-cache
Accept-Language: en-US,en;q=0.8
Accept: */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://winit.intouchweekly.com/sweepstakes/p/2

Response headers

Server: Google Tag Manager (scaffolding)
Content-Type: application/javascript; charset=UTF-8
Cache-Control: private, max-age=900
X-XSS-Protection: 1; mode=block
Expires: Tue, 07 Feb 2017 18:17:32 GMT
Date: Tue, 07 Feb 2017 18:17:32 GMT
Vary: Accept-Encoding
Content-Length: 25614
Content-Encoding: gzip

GET event
4665260873.log.optimizely.com/ Frame 3089 0
0

GET
H/1.1 200
OK bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 3089 19 B
19 B 99ms
72ms Script
text/javascript 52.94.216.48
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aax.amazon-adsystem.com/e/dtb/bid?src=3149&u=http%3A%2F%2Fwinit.intouchweekly.com%2Fsweepstakes%2Fp%2F2&cb=9688937
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: HTTP/1.1
Server: 52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: a1246500e54878521c20eaca060cdbff39b403619b4751d39bf8828246d51309

Request headers

Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: aax.amazon-adsystem.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 07 Feb 2017 18:17:31 GMT
Server: Server
Connection: Keep-Alive
Keep-Alive: timeout=2, max=5
Content-Length: 19
Vary: User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3089 2 KB
1 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:81b::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

fd685190c83bac5e6c70369aae7152f5feaa479d096e80e62007b619e5de0ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Host: www.googletagservices.com
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Age: 553
Vary: Accept-Encoding
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Expires: Tue, 07 Feb 2017 18:08:19 GMT
Date: Tue, 07 Feb 2017 18:08:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Feb 2017 15:19:32 GMT
Server: sffe
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Type: text/javascript
Timing-Allow-Origin: *
Content-Length: 1353

GET
H2

200

analytics.js
www.google-analytics.com/ Frame 3089
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

27 KB
11 KB

21ms
6ms

Script
text/javascript

2a00:1450:4001:821::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
:method: GET
:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
referer: http://winit.intouchweekly.com/sweepstakes/p/2
:scheme: https
Referer: http://winit.intouchweekly.com/sweepstakes/p/2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

date: Tue, 07 Feb 2017 17:36:51 GMT
vary: Accept-Encoding
expires: Tue, 07 Feb 2017 19:36:51 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: public, max-age=7200
age: 2441
server: Golfe2
content-length: 11590
x-content-type-options: nosniff
last-modified: Wed, 28 Sep 2016 20:19:01 GMT
status: 200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
strict-transport-security: max-age=10886400; includeSubDomains; preload

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v11/ Frame 3089 26 KB
26 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/1YwB1sO8YE1Lyjf12WNiUA.woff2

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
cache-control: no-cache
:method: GET
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
:scheme: https
:path: /s/lato/v11/1YwB1sO8YE1Lyjf12WNiUA.woff2
pragma: no-cache
origin: http://winit.intouchweekly.com
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
x-client-data: CIi2yQEIpLbJAQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
Origin: http://winit.intouchweekly.com

Response headers

cache-control: public, max-age=31536000
date: Tue, 07 Feb 2017 12:00:05 GMT
server: sffe
content-type: font/woff2
content-length: 26144
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
age: 22647
timing-allow-origin: *
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
expires: Wed, 07 Feb 2018 12:00:05 GMT
last-modified: Mon, 06 Oct 2014 20:40:01 GMT
status: 200

GET
DATA 200
OK truncated
/ Frame 3089 34 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7776b07883ed23e67020dff56f4e3224051886378c9c24c6712db7e160b37f5a

Request headers

Response headers

GET
H2 200 0ihfXUL2emPh0ROJezvraFtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/ubuntu/v9/ Frame 3089 28 KB
28 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v9/0ihfXUL2emPh0ROJezvraFtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

bfdcd03ae3e1b7fc82e6b66cb359931f961699c5d68ec482f96d949847fee83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/ubuntu/v9/0ihfXUL2emPh0ROJezvraFtXRa8TVwTICgirnJhmVJw.woff2
origin: http://winit.intouchweekly.com
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700
:scheme: https
:method: GET
x-client-data: CIi2yQEIpLbJAQ==
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
cache-control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700
Origin: http://winit.intouchweekly.com

Response headers

last-modified: Thu, 18 Feb 2016 02:45:28 GMT
age: 2338319
cache-control: public, max-age=31536000
server: sffe
alt-svc: quic=":443"; ma=2592000; v="35,34"
status: 200
access-control-allow-origin: *
timing-allow-origin: *
content-length: 28716
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2018 16:45:33 GMT
date: Wed, 11 Jan 2017 16:45:33 GMT
x-content-type-options: nosniff
content-type: font/woff2

GET
H2 200 H2DMvhDLycM56KNuAtbJYA.woff2
fonts.gstatic.com/s/lato/v11/ Frame 3089 25 KB
25 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/H2DMvhDLycM56KNuAtbJYA.woff2

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

pragma: no-cache
origin: http://winit.intouchweekly.com
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
:authority: fonts.gstatic.com
:scheme: https
:method: GET
:path: /s/lato/v11/H2DMvhDLycM56KNuAtbJYA.woff2
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
accept: */*
cache-control: no-cache
referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
x-client-data: CIi2yQEIpLbJAQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
Origin: http://winit.intouchweekly.com

Response headers

server: sffe
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
date: Tue, 07 Feb 2017 12:00:26 GMT
content-length: 25604
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
status: 200
content-type: font/woff2
timing-allow-origin: *
expires: Wed, 07 Feb 2018 12:00:26 GMT
last-modified: Mon, 06 Oct 2014 20:40:59 GMT
age: 22626
cache-control: public, max-age=31536000

GET
H2 200 sDGTilo5QRsfWu6Yc11AXg.woff2
fonts.gstatic.com/s/ubuntu/v9/ Frame 3089 33 KB
33 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v9/sDGTilo5QRsfWu6Yc11AXg.woff2

Requested by

Host: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f45623eb171e70f29951c2e7cda720214d4ff0f12444610e83149ad74448be3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/ubuntu/v9/sDGTilo5QRsfWu6Yc11AXg.woff2
origin: http://winit.intouchweekly.com
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700
:scheme: https
Origin: http://winit.intouchweekly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700

Response headers

date: Wed, 11 Jan 2017 16:45:48 GMT
x-content-type-options: nosniff
age: 2338304
status: 200
access-control-allow-origin: *
content-length: 33756
expires: Thu, 11 Jan 2018 16:45:48 GMT
last-modified: Thu, 18 Feb 2016 02:45:50 GMT
content-type: font/woff2
server: sffe
cache-control: public, max-age=31536000
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="35,34"
x-xss-protection: 1; mode=block

GET
H2 200 EsvMC5un3kjyUhB9ZEPPwg.woff2
fonts.gstatic.com/s/lato/v11/ Frame 3089 25 KB
25 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/EsvMC5un3kjyUhB9ZEPPwg.woff2

Requested by

Host: dwobekpvy1lk.cloudfront.net
URL: http://dwobekpvy1lk.cloudfront.net/assets/global19.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

49cdbdefa15fa3f220eaf225d2e769adbb8ae81800204b39959c79239f4f4fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/lato/v11/EsvMC5un3kjyUhB9ZEPPwg.woff2
origin: http://winit.intouchweekly.com
accept-encoding: gzip, deflate, sdch, br
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
pragma: no-cache
accept-language: en-US,en;q=0.8
accept: */*
cache-control: no-cache
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin,latin-ext
Origin: http://winit.intouchweekly.com

Response headers

expires: Thu, 11 Jan 2018 16:46:06 GMT
date: Wed, 11 Jan 2017 16:46:06 GMT
last-modified: Mon, 06 Oct 2014 20:38:21 GMT
age: 2338286
x-xss-protection: 1; mode=block
content-type: font/woff2
timing-allow-origin: *
server: sffe
alt-svc: quic=":443"; ma=2592000; v="35,34"
content-length: 25408
x-content-type-options: nosniff
status: 200
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET pubads_impl_108.js
securepubads.g.doubleclick.net/gpt/ Frame 3089 0
0

GET tfa.js
cdn.taboola.com/libtrc/bauer-intouchweekly-sc/ Frame 3089 0
0

GET sp.js
d1fc8wv8zag5ca.cloudfront.net/2.6.0/ Frame 3089 0
0

GET esf.js
d2lv4zbk7v5f93.cloudfront.net/ Frame 3089 0
0

GET load.js
a.postrelease.com/serve/ Frame 3089 0
0

GET fbevents.js
connect.facebook.net/en_US/ Frame 3089 0
0

GET advertising.js
duaych6b74qkm.cloudfront.net/ Frame 3089 0
0

GET widget.js
vupulse.com/static/ Frame 3089 0
0

GET b
b.scorecardresearch.com/ Frame 3089 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clickpalace.com
URL: http://clickpalace.com/r/b02db22e-ed61-11e6-901c-11419a1ee36e/0/

Domain: winit.intouchweekly.com
URL: http://winit.intouchweekly.com/sweepstakes/p/2

Domain: 4665260873.log.optimizely.com
URL: https://4665260873.log.optimizely.com/event?a=4665260873&d=3266870423&y=false&src=js&s4665371072=false&s4657871081=gc&s4661492889=referral&s4660401205=none&tsent=1486491452.181&n=http%3A%2F%2Fwinit.intouchweekly.com%2Fsweepstakes%2Fp%2F2&u=oeu1486491452172r0.58070394425606&wxhr=true&time=1486491452.181&f=8216293578,8230240631,8210550616&g=&cx2=e2cbd92

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_108.js

Domain: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/bauer-intouchweekly-sc/tfa.js

Domain: d1fc8wv8zag5ca.cloudfront.net
URL: http://d1fc8wv8zag5ca.cloudfront.net/2.6.0/sp.js

Domain: d2lv4zbk7v5f93.cloudfront.net
URL: http://d2lv4zbk7v5f93.cloudfront.net/esf.js

Domain: a.postrelease.com
URL: http://a.postrelease.com/serve/load.js?async=true

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Domain: duaych6b74qkm.cloudfront.net
URL: http://duaych6b74qkm.cloudfront.net/advertising.js

Domain: vupulse.com
URL: https://vupulse.com/static/widget.js

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/b?c1=2&c2=8187616&ns__t=1486491452455&ns_c=UTF-8&c8=Sweepstakes%2C%20contests%2C%20giveaways%20-%20Win%20money%2C%20prizes%20and%20free%20stuff%20online%20-%20In%20Touch%20Weekly&c7=http%3A%2F%2Fwinit.intouchweekly.com%2Fsweepstakes%2Fp%2F2&c9=http%3A%2F%2Fclickpalace.com%2Fr%2Fb02db22e-ed61-11e6-901c-11419a1ee36e%2F1%2F

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4665260873.log.optimizely.com
a.postrelease.com
aax.amazon-adsystem.com
adg.bzgint.com
b.scorecardresearch.com
c.amazon-adsystem.com
cdn.optimizely.com
cdn.taboola.com
clickpalace.com
connect.facebook.net
d1fc8wv8zag5ca.cloudfront.net
d27so4lebom4m9.cloudfront.net
d2lv4zbk7v5f93.cloudfront.net
duaych6b74qkm.cloudfront.net
dwobekpvy1lk.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mobilesource.global
ox-d.bauer.servedbyopenx.com
securepubads.g.doubleclick.net
twinit-images.global.ssl.fastly.net
vupulse.com
winit.intouchweekly.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
4665260873.log.optimizely.com
a.postrelease.com
b.scorecardresearch.com
cdn.taboola.com
clickpalace.com
connect.facebook.net
d1fc8wv8zag5ca.cloudfront.net
d2lv4zbk7v5f93.cloudfront.net
duaych6b74qkm.cloudfront.net
securepubads.g.doubleclick.net
vupulse.com
winit.intouchweekly.com
151.101.112.249
173.241.240.220
198.232.125.123
23.23.252.69
2a00:1450:4001:81b::2002
2a00:1450:4001:821::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200a
2a00:1450:4001:821::200e
52.29.208.110
52.57.194.206
52.94.216.48
54.192.147.138
54.204.29.76
54.230.11.102
54.230.11.153
95.101.241.136
0e9a1d470463018df0dcb5997be539fc310fb8498a82c4e28cf29776a4c512e0
15bd996b318b538481e5ca9c86749c2cc6a6cfc294cc71ec8742abbbbda5e49f
206f42d520769f5a05fa12453b0f4d567026fbe55bde8620043bef201b7f9540
27f25c888119f962d5c4d62520e855b038a9869cfc20218b78f15f99d5edc582
2d357e8cfcd17de8b63796d836057f8eb5e65e4ddf17a02405fb9eb9ff83815d
32af5497576c76a8a52025156278dddac01ef10e610fd83d724ed237d905ae57
397603cd112e5aa4762626da63f973f7e2d2da8eb5bfa88136476c51d65c46d3
3bf4ad1674a3115c41fe53d6e98e1cf82ae03f2ec6315aeccef656319140bffb
405244525a73e4358864cc271e5505df25945974c19102bd3933f84204ae5c00
42c3461dfe074747096bce638051b6788f025a97422cc560d1fc0c081fe9cbe6
47a3e3b64cffe3ff820ebe554ac4df940da5ed469eaddbbc13bdd3b0b1eb4479
49cdbdefa15fa3f220eaf225d2e769adbb8ae81800204b39959c79239f4f4fb3
4dd27c5be0f654951db40f4ced0192b9af5646c12912b2cf20e4a8386a6a6bf1
63413259cbaefb160e5ade88d65669a85beb447007edb1eb6f58daeba865822e
70f44a6206fba25fc51156b8c36d02f75327ca8a9001bd8b6c1b097fddab0801
717fe621b216970bfd0a7a2516cdbe5bf0b385f5a24b95a7e9e822e8f11620cf
72b9969818642ba84efa144e9ac45ab001fb4b6e8cc1d04d2969bf7a97eba94f
738c9a270f2c9498160cda26d8f51ed307d372da6a8fe4a20e363be5066deac6
7776b07883ed23e67020dff56f4e3224051886378c9c24c6712db7e160b37f5a
7d9282b785bd4dcf02b8b325858b23dfd50ceada043cd1bfadb616f75e703861
8ee41587fa93144003113603e4e4c9cbe188a580d0954e0256216d4c92ec2aa7
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a1246500e54878521c20eaca060cdbff39b403619b4751d39bf8828246d51309
acfee03be008d3df5993bcd24c0a94f7ff40c4044e7833fec2b6f643cfa292a7
b44a2638b8f8f2ef476899ba840b3bc86163c61fb50f2272cf81b8cb33830afd
b850721e81e4ecf64aeac25f5b2e89e26211bdc8e704fbbbd47810fbedc25258
ba4ac0381a2b40c3dc8da347004eaed3740e427297262622e279bc1bbcf8a294
bfdcd03ae3e1b7fc82e6b66cb359931f961699c5d68ec482f96d949847fee83f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7128f993c746ca6da462b9f76ab4187f1ba5d3b5c9d67e30e68fbd77dbed403
f45623eb171e70f29951c2e7cda720214d4ff0f12444610e83149ad74448be3e
fd685190c83bac5e6c70369aae7152f5feaa479d096e80e62007b619e5de0ca3

mobilesource.global Open in urlscan Pro 52.29.208.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

48 Requests

42 %HTTPS

29 %IPv6

21 Domains

27 Subdomains

18 IPs

4 Countries

826 kBTransfer

1679 kBSize

0 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mobilesource.global Open in urlscan Pro
52.29.208.110 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

42 %
HTTPS

29 %
IPv6

21
Domains

27
Subdomains

18
IPs

4
Countries

826 kB
Transfer

1679 kB
Size

0
Cookies

48 HTTP transactions
1 data transactions