www.latimeswine.com Open in urlscan Pro
107.178.254.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sli.law360news.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985
Effective URL:
https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee...
Submission: On December 24 via api (December 24th 2020, 5:18:09 pm UTC) from US

Summary HTTP 34 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 34 HTTP transactions. The main IP is 107.178.254.45, located in United States and belongs to GOOGLE, US. The main domain is www.latimeswine.com.
TLS certificate: Issued by R3 on December 12th 2020. Valid for: 3 months.

This is the only time www.latimeswine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.186.137 2.16.186.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	34.224.147.78 34.224.147.78	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.204.11.212 52.204.11.212	14618 (AMAZON-AES) (AMAZON-AES)
1	34.228.136.138 34.228.136.138	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:212... 2600:9000:2127:b400:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
4	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
1	107.178.254.45 107.178.254.45	15169 (GOOGLE) (GOOGLE)
6	35.244.137.202 35.244.137.202	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	104.109.54.208 104.109.54.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:206... 2600:9000:206f:9a00:b:dc44:3680:21	16509 (AMAZON-02) (AMAZON-02)
5	35.222.120.150 35.222.120.150	15169 (GOOGLE) (GOOGLE)
1	34.120.27.38 34.120.27.38	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:2be0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.229.133.208 192.229.133.208	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:1a84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	15

1 2.16.186.137 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-137.deploy.static.akamaitechnologies.com

sli.law360news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.147.78 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-147-78.compute-1.amazonaws.com

p.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.11.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-11-212.compute-1.amazonaws.com

d.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.136.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-136-138.compute-1.amazonaws.com

html-link.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:b400:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.45 (United States)

ASN15169 (GOOGLE, US)
PTR: 45.254.178.107.bc.googleusercontent.com

www.latimeswine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.137.202 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 202.137.244.35.bc.googleusercontent.com

g.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.54.208 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-54-208.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9a00:b:dc44:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d1hdjv7b05hja2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.222.120.150 (United States)

ASN15169 (GOOGLE, US)
PTR: 150.120.222.35.bc.googleusercontent.com

heatmap-events-collector.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anthill.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ec.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.27.38 (United States)

ASN15169 (GOOGLE, US)
PTR: 38.27.120.34.bc.googleusercontent.com

cdn.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:2be0 (United States)

ASN13335 (CLOUDFLARENET, US)

images.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.133.208 (United States)

ASN15133 (EDGECAST, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1a84 (United States)

ASN13335 (CLOUDFLARENET, US)

ct.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	fastcdn.co g.fastcdn.co v.fastcdn.co	2 MB
6	ad-score.com js.ad-score.com data.ad-score.com	104 KB
3	gstatic.com fonts.gstatic.com	60 KB
3	firstleaf.club images.firstleaf.club ct.firstleaf.club	29 KB
3	instapagemetrics.com cdn.instapagemetrics.com ec.instapagemetrics.com	33 KB
3	instapage.com heatmap-events-collector.instapage.com anthill.instapage.com	9 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	liadm.com 2 redirects p.liadm.com d.liadm.com	2 KB
1	cloudfront.net d1hdjv7b05hja2.cloudfront.net	3 KB
1	typography.com cloud.typography.com
1	latimeswine.com www.latimeswine.com	12 KB
1	revcontent.com html-link.revcontent.com	2 KB
1	law360news.com 1 redirects sli.law360news.com	507 B
34	13

	Domain	Requested by
6	g.fastcdn.co	www.latimeswine.com
4	data.ad-score.com	js.ad-score.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ec.instapagemetrics.com	cdn.instapagemetrics.com
2	ct.firstleaf.club	images.firstleaf.club
2	v.fastcdn.co	www.latimeswine.com
2	heatmap-events-collector.instapage.com	www.latimeswine.com heatmap-events-collector.instapage.com
2	fonts.googleapis.com	www.latimeswine.com
2	js.ad-score.com	html-link.revcontent.com js.ad-score.com
1	anthill.instapage.com	www.latimeswine.com
1	images.firstleaf.club	d1hdjv7b05hja2.cloudfront.net
1	cdn.instapagemetrics.com	www.latimeswine.com
1	d1hdjv7b05hja2.cloudfront.net	www.latimeswine.com
1	cloud.typography.com	www.latimeswine.com
1	www.latimeswine.com	html-link.revcontent.com
1	html-link.revcontent.com
1	d.liadm.com	1 redirects
1	p.liadm.com	1 redirects
1	sli.law360news.com	1 redirects
34	19

This site contains links to these domains. Also see Links.

Domain
www.firstleaf.club

Subject Issuer	Validity	Valid
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2020-09-02` - `2021-10-04`	a year	crt.sh
www.latimeswine.com R3	`2020-12-12` - `2021-03-12`	3 months	crt.sh
g.fastcdn.co GTS CA 1D2	`2020-11-27` - `2021-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2020-04-26` - `2021-07-26`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
heatmap-events-collector.instapage.com Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
cdn.instapagemetrics.com GTS CA 1D2	`2020-12-09` - `2021-03-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
v.fastcdn.co DigiCert SHA2 Secure Server CA	`2020-05-05` - `2022-07-14`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
anthill.instapage.com Let's Encrypt Authority X3	`2020-11-14` - `2021-02-12`	3 months	crt.sh
ec.instapagemetrics.com R3	`2020-12-20` - `2021-03-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Frame ID: 2873F4E7D22DC96B66D15E127474534D
Requests: 34 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: 87FE27F2EA50C4FA5BDF604AD52D135F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A72756ECA99770C7F201DD62400203B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sli.law360news.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985 HTTP 301
https://p.liadm.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985&_lc2_fpi=c76... HTTP 302
https://d.liadm.com/click2/d25b204a/qm9bjzLPopGv6pPaO-aweTsLgyv0qqSs5YdTWSQRd15-lGDKiFV8jA8MzjrD... HTTP 302
https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161... Page URL
https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08c... Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

34
Requests

94 %
HTTPS

35 %
IPv6

13
Domains

19
Subdomains

15
IPs

4
Countries

2653 kB
Transfer

3231 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.firstleaf.club/quiz/1/?utm_source=latimes&utm_medium=revcontent&utm_campaign=why-LAT1219
Title: REVEAL MY WINES

Search URL Search Domain Scan URL

URL: https://www.firstleaf.club/privacy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sli.law360news.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985 HTTP 301
https://p.liadm.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985&_lc2_fpi=c76d2f5599c6--01etaw3fhhpw91v3z7teh3d1vv HTTP 302
https://d.liadm.com/click2/d25b204a/qm9bjzLPopGv6pPaO-aweTsLgyv0qqSs5YdTWSQRd15-lGDKiFV8jA8MzjrDCgiqLricCAQ83qK_cLgaYSVFuSAm7VMWghk2B9ZByiaf98XDI2jhE82qc44lfywJIPq2bk3lE9Uew3Y7KzChe3pf5QaaBNL9RaJoOdWD0jYryfHCMFulmUvUFvp3H9V61cg41hsYWUxEV4s-Y7iN5DS-nGO_srKBUpLi7G0Dy2kVlMFd4nfkGMZKpMiFR33-8vy_yva-al-wz_PZ8EhWmqogjylW1Rphtk2W-ChY25lt3F5ZbkV8QcCk-lOZpqIASp05RtN7CJYIctyPfkDKyocUh8Gzd7L97VG1xbg3ORiJeRA5fHgzdlY_GEhOcA1qHjoi8FiVJFKwBI8q789HNETaC4IBg9IHrbyLBMON3t6WbnzD8DpEOfFha9rW0ktsriaTdAd8THLEgnuDOi_b46sFitIyrNdaTUU1RZgAzQ3Gk0QFRzlYcOYHcPrvxrZu0Ko09lT1MrJQiOa4vvpPlJgeQFpuJz-zCEAxBczKx06OXMjOLlpJriQTCt88hFvVYeDxeqgTF1CsQaCXxqpRIRr4hSpVEp15VFPNr5H160ypJ-uFNJqJceacpJ45emS2Ye0PkiMgrmAuyuVF_PzD63tEEnnw4O0ns4OvBMzUxRcHGMr80XbXpikAHjWqh6NGuoP9KAGSgPFYmaMgHKgOSk8_yseNDvE-dz4U-DboKXIe-GtjwqZr_zvETrezSzP7Hy4UFt_TafkyAf6d0WCL_C5LCj1pe0wlL9UqN2EXkCh512rspo1EQ7-zJxtihEbfPYKLrypLn88eYIdG9Gp8rb9L-5dKjxTudJHuttMTf9EGMcWSV65U859iehVWb6Oiz3taNjkXrniDPBeh0R98y-TJh35wIlZ7bQ/// HTTP 302
https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987 Page URL
https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sli.law360news.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985 HTTP 301
https://p.liadm.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985&_lc2_fpi=c76d2f5599c6--01etaw3fhhpw91v3z7teh3d1vv HTTP 302
https://d.liadm.com/click2/d25b204a/qm9bjzLPopGv6pPaO-aweTsLgyv0qqSs5YdTWSQRd15-lGDKiFV8jA8MzjrDCgiqLricCAQ83qK_cLgaYSVFuSAm7VMWghk2B9ZByiaf98XDI2jhE82qc44lfywJIPq2bk3lE9Uew3Y7KzChe3pf5QaaBNL9RaJoOdWD0jYryfHCMFulmUvUFvp3H9V61cg41hsYWUxEV4s-Y7iN5DS-nGO_srKBUpLi7G0Dy2kVlMFd4nfkGMZKpMiFR33-8vy_yva-al-wz_PZ8EhWmqogjylW1Rphtk2W-ChY25lt3F5ZbkV8QcCk-lOZpqIASp05RtN7CJYIctyPfkDKyocUh8Gzd7L97VG1xbg3ORiJeRA5fHgzdlY_GEhOcA1qHjoi8FiVJFKwBI8q789HNETaC4IBg9IHrbyLBMON3t6WbnzD8DpEOfFha9rW0ktsriaTdAd8THLEgnuDOi_b46sFitIyrNdaTUU1RZgAzQ3Gk0QFRzlYcOYHcPrvxrZu0Ko09lT1MrJQiOa4vvpPlJgeQFpuJz-zCEAxBczKx06OXMjOLlpJriQTCt88hFvVYeDxeqgTF1CsQaCXxqpRIRr4hSpVEp15VFPNr5H160ypJ-uFNJqJceacpJ45emS2Ye0PkiMgrmAuyuVF_PzD63tEEnnw4O0ns4OvBMzUxRcHGMr80XbXpikAHjWqh6NGuoP9KAGSgPFYmaMgHKgOSk8_yseNDvE-dz4U-DboKXIe-GtjwqZr_zvETrezSzP7Hy4UFt_TafkyAf6d0WCL_C5LCj1pe0wlL9UqN2EXkCh512rspo1EQ7-zJxtihEbfPYKLrypLn88eYIdG9Gp8rb9L-5dKjxTudJHuttMTf9EGMcWSV65U859iehVWb6Oiz3taNjkXrniDPBeh0R98y-TJh35wIlZ7bQ/// HTTP 302
https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987

34 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
html-link.revcontent.com/click/
Redirect Chain

http://sli.law360news.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985
https://p.liadm.com/click?s=734151&li=7&m=7cc9e349a40b515be4c69b28c69fa42e&p=126985&_lc2_fpi=c76d2f5599c6--01etaw3fhhpw91v3z7teh3d1vv
https://d.liadm.com/click2/d25b204a/qm9bjzLPopGv6pPaO-aweTsLgyv0qqSs5YdTWSQRd15-lGDKiFV8jA8MzjrDCgiqLricCAQ83qK_cLgaYSVFuSAm7VMWghk2B9ZByiaf98XDI2jhE82qc44lfywJIPq2bk3lE9Uew3Y7KzChe3pf5QaaBNL9RaJoO...
https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987

3 KB
2 KB

345ms
136ms

Document
text/html

34.228.136.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.228.136.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-228-136-138.compute-1.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

9ac4fdee1269c40685495094e890d216d8c1bdf5d2590046dc6c3701e8b7fd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

:method: GET
:authority: html-link.revcontent.com
:scheme: https
:path: /click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 17:17:52 GMT
content-type: text/html; charset=UTF-8
content-length: 1007
server: Apache/2.4.25 (Debian)
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
set-cookie: rv2_a=1; expires=Sun, 24-Jan-2021 17:17:52 GMT; Max-Age=2678400; path=/; domain=.revcontent.com; secure; SameSite=None r_0=1%7CMzczNjIwVjMEAA%3D%3D; expires=Sun, 24-Jan-2021 17:17:52 GMT; Max-Age=2678400; path=/; domain=.revcontent.com; secure; SameSite=None c_0=1%7CHY9JbsMwDEWvkhV3DjjIGpaBt90VPYCsIRFqS4GtND1%2Bhe74Pwm8R2Ll2AIRkxYwWhgFlGHWiEAarRVkw5BWHZIiZf1q58A22iyrF1FaAsaIENP53dtzuwN8fQIgvB8lgjhRiDwiX7fyk0rtqfZraDu01%2FEuNZ3%2BSGvqPR394evezv7fggxeDMISrGZjVwD6JSBQ2UkSMlN2PE8qj8mTCVO0NgZjnPVpBg4u%2BpDHauhOys5p8mukacYslFkPooYb2PGrQyQFH%2B283Oo9bYO8%2BK3kdtTiYWn3oXtZ2r6%2Fagm%2Bl1bHQTue7fA9wZAiREMg8Ac%3D; expires=Sun, 24-Jan-2021 17:17:52 GMT; Max-Age=2678400; path=/; domain=.revcontent.com; secure; SameSite=None
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains

Redirect headers

Server: nginx
Date: Thu, 24 Dec 2020 17:17:51 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 297 KB
102 KB 51ms
14ms Script
application/javascript 2600:9000:2127:b400:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6
Requested by: Host: html-link.revcontent.com
URL: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ed6751930ca9bbf54be9040c415e7e0db6f637854c5b886f9536cb1c5ae633bf

Request headers

Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 16:15:17 GMT
Content-Encoding: gzip
Age: 3755
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 24 Dec 2020 16:15:17 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 93fcd07b66eaf26b036f14e2ec9d73eb.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: PRG50-C1
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: ygQ5ZQ2M6nVOAI2JfLjkalQXC0QQVpDB8_c-HfNGoljS62v4mVCdvQ==
Expires: Fri, 25 Dec 2020 16:15:17 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 42 B
719 B 460ms
115ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?s=rdr_url&pm_st=hCemQyZKnZzVSHsnkPcoAsRePlxjEzsn-FE7fPshldVrrKDwd3nLLFUnGNA==-E0zBNMVlbVfjMQ==&pm_ct=pm_click_id_fdab31d5bbcdf43ac6b4794948b0fda4&pm_pl=1608830272346&pm_td=15&pid=1000177&en=1.1&callback=__pm_glbl_xKKpF1mSI2nZgqGc6uWqWnkZ._gc1&v=da592e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 556193c41c1ca578a9ccdf90e52d08e4ce84019d3121797fa906dc40a23f19e0

Request headers

Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 17:17:52 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://html-link.revcontent.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK x.html
js.ad-score.com/ Frame 87FE 0
0 13ms
13ms Document
text/html 2600:9000:2127:b400:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: js.ad-score.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: token=lUtFmSdHfnsLO-7hlp-oqpESxDAawPJt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Last-Modified: Thu, 24 Dec 2020 06:03:59 GMT
Date: Thu, 24 Dec 2020 07:08:35 GMT
X-Cache: Hit from cloudfront
Via: 1.1 93fcd07b66eaf26b036f14e2ec9d73eb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: rKc3VAJnymjkvsc3UXtDVr1JBXYqlnGjp4DWAogwi9UhyEctOrT-rA==
Age: 36557

GET
DATA 200
OK truncated
/ Frame A727 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 89dd9292-d61c-4423-ac87-ea9abd6a4958
https://html-link.revcontent.com/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://html-link.revcontent.com/89dd9292-d61c-4423-ac87-ea9abd6a4958
Requested by: Host: html-link.revcontent.com
URL: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
280 B 374ms
145ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?s=rdr_url&pm_st=hCemQyZKnZzVSHsnkPcoAsRePlxjEzsn-FE7fPshldVrrKDwd3nLLFUnGNA==-E0zBNMVlbVfjMQ==&pm_ct=pm_click_id_fdab31d5bbcdf43ac6b4794948b0fda4&pm_pl=1608830272346&pm_td=237&pid=1000177&en=1.1&callback=__pm_glbl_xKKpF1mSI2nZgqGc6uWqWnkZ._gc2&v=da592e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://html-link.revcontent.com
Date: Thu, 24 Dec 2020 17:17:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
280 B 409ms
123ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?s=rdr_url&pm_st=hCemQyZKnZzVSHsnkPcoAsRePlxjEzsn-FE7fPshldVrrKDwd3nLLFUnGNA==-E0zBNMVlbVfjMQ==&pm_ct=pm_click_id_fdab31d5bbcdf43ac6b4794948b0fda4&pm_pl=1608830272346&pm_td=302&pid=1000177&en=1.1&callback=__pm_glbl_xKKpF1mSI2nZgqGc6uWqWnkZ._gc3&v=da592e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://html-link.revcontent.com
Date: Thu, 24 Dec 2020 17:17:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
280 B 355ms
137ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?s=rdr_url&pm_st=hCemQyZKnZzVSHsnkPcoAsRePlxjEzsn-FE7fPshldVrrKDwd3nLLFUnGNA==-E0zBNMVlbVfjMQ==&pm_ct=pm_click_id_fdab31d5bbcdf43ac6b4794948b0fda4&pm_pl=1608830272346&pm_td=404&pid=1000177&en=1.1&callback=__pm_glbl_xKKpF1mSI2nZgqGc6uWqWnkZ._gc4&v=da592e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://html-link.revcontent.com
Date: Thu, 24 Dec 2020 17:17:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST cors
data.ad-score.com/data/ 0
0

GET
H2 200 Primary Request why-latimeswine Show response
www.latimeswine.com/ 53 KB
12 KB 120ms
49ms Document
text/html 107.178.254.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a

Requested by

Host: html-link.revcontent.com
URL: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.178.254.45 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

45.254.178.107.bc.googleusercontent.com

Software

openresty / Express

Resource Hash

7eaf6d6e90aeb3e0280c5568dc5781f871afe48df3a034438f667a3b395a0fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: www.latimeswine.com
:scheme: https
:path: /why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://html-link.revcontent.com/click/?id=112163&key=f29302f1-9e61-3116-b5ad-69ba7e9d1987&affiliate_id=58161&size=300x250&li_did=f29302f1-9e61-3116-b5ad-69ba7e9d1987

Response headers

server: openresty
date: Thu, 24 Dec 2020 17:17:53 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"d3cd-AVTqbSpPNRTNSWBO5CL5HSP2vrQ"
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 utils.c184de99dc0ba5f0021e.js Show response
g.fastcdn.co/js/ 47 KB
16 KB 53ms
18ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/utils.c184de99dc0ba5f0021e.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eeca3b6c9a50c2313fa01184856857911dce5be863c0e990b1c047b5f9b59084

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 06:35:14 GMT
content-encoding: gzip
age: 816159
x-guploader-uploadid: ABg5-UxWKQyXk91AtUG7hzJb_-E5sDZtOf2ILSYuR9oKNuaaLpiuKD7ZS97CJEyhXCUTIyzyMTj0z8kHVB5aCmlvtUA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 15992
last-modified: Thu, 10 Dec 2020 16:16:01 GMT
server: UploadServer
etag: "594835f43fe409a3a2e9108bd63ed54e"
vary: Accept-Encoding
x-goog-hash: crc32c=o+dE+A==, md5=WUg19D/kCaOi6RCL1j7VTg==
x-goog-generation: 1607616961575016
cache-control: public, max-age=31536000
x-goog-stored-content-length: 15992
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 15 Dec 2021 06:35:14 GMT

GET
H2 200 Cradle.4b7a8d4b03a59ff32f06.js Show response
g.fastcdn.co/js/ 16 KB
5 KB 52ms
18ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Cradle.4b7a8d4b03a59ff32f06.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a225a27c5de689c7c236c842afa4a7c9e7bdc53ffc2f05ff65c9855dea878001

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:35:36 GMT
content-encoding: gzip
age: 700937
x-guploader-uploadid: ABg5-Uy-62MY9zFI4u4hV9i-NT-DuTrN-N3BLgrNQ8e-Itw7KilLdN4JAMWuAJV5xw-_DtoFWp49LYqgjwQAv-7Q5-sQuuAjOQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 4791
last-modified: Wed, 16 Dec 2020 14:34:25 GMT
server: UploadServer
etag: "d32203e08eb1dd2641c4279a38f6b6dd"
vary: Accept-Encoding
x-goog-hash: crc32c=1rz6UQ==, md5=0yID4I6x3SZBxCeaOPa23Q==
x-goog-generation: 1608129265544950
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4791
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 16 Dec 2021 14:35:36 GMT

GET
H2 200 LazyImage.5c22b33358ebb526e37b.js Show response
g.fastcdn.co/js/ 3 KB
2 KB 51ms
17ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LazyImage.5c22b33358ebb526e37b.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7a69efa7f043d1309d50f5d70776d810d4cd44833f5275f9753b8a3384cf8e50

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 05:28:00 GMT
content-encoding: gzip
age: 560993
x-guploader-uploadid: ABg5-Uw3qeF0VkCnHsMrbH2BxGOnDEed2ho9ij3jOruvMkWz7uMzDOlgxL-3AH3C_BVkQnaCM9yixUmj2ICTLoWuzaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1564
last-modified: Thu, 17 Dec 2020 12:02:59 GMT
server: UploadServer
etag: "84bcc7a8bc9590da263d48ca3f75b2c2"
vary: Accept-Encoding
x-goog-hash: crc32c=n9dmLA==, md5=hLzHqLyVkNomPUjKP3Wywg==
x-goog-generation: 1608206579519831
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1564
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 18 Dec 2021 05:28:00 GMT

GET
H2 200 Form.25799b892ef2640c75f5.js Show response
g.fastcdn.co/js/ 83 KB
22 KB 78ms
43ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Form.25799b892ef2640c75f5.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5f5477a710acd60f3ae1326e39434f104c9069f61cd8c2d15333702e3d176ad2

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 15:51:27 GMT
content-encoding: gzip
age: 5186
x-guploader-uploadid: ABg5-UxsoRqMzyb0zvqezFE_wrvhtuPadW68e848d20b1lp9XK54m2Q0OnpsdPXSVbbe1e7J-mHE5kxnRyz69qb_Fgxz_s488A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 21900
last-modified: Wed, 23 Dec 2020 19:28:54 GMT
server: UploadServer
etag: "4e8cc05ffb08f9428ddf243794d407ae"
vary: Accept-Encoding
x-goog-hash: crc32c=7PYE6g==, md5=TozAX/sI+UKN3yQ3lNQHrg==
x-goog-generation: 1608751734770394
cache-control: public, max-age=31536000
x-goog-stored-content-length: 21900
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 24 Dec 2021 15:51:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 37ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 15:27:15 GMT
server: ESF
date: Thu, 24 Dec 2020 17:17:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Dec 2020 17:17:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
714 B 45ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=latin-ext%2Clatin

Requested by

Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1678dbfa1acaf623177ec3565f29bab94c07019f1843af1322e3f457ec39fc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 17:17:53 GMT
server: ESF
date: Thu, 24 Dec 2020 17:17:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Dec 2020 17:17:53 GMT

GET
H2 200 LegacyVendors.d341954906ae69acee39.js Show response
g.fastcdn.co/js/ 95 KB
33 KB 63ms
32ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LegacyVendors.d341954906ae69acee39.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 95bdb8a3cd90e91621c9e68d4b157dd7fedab021ee89e9e173d17f93f0f03305

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 02:08:54 GMT
content-encoding: gzip
age: 1091339
x-guploader-uploadid: ABg5-Uy4BwsaYPDKzi57z5zh1z3mdHmcgePSXTyU-sZvoxoHe_8L5kD1rYbZduxWtfbpXFvWPoWZyZCz7DWcKr1O4AI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 33710
last-modified: Thu, 10 Dec 2020 16:16:00 GMT
server: UploadServer
etag: "fc551ad7e347bf019785e719fab1ba31"
vary: Accept-Encoding
x-goog-hash: crc32c=MgUolg==, md5=/FUa1+NHvwGXhecZ+rG6MQ==
x-goog-generation: 1607616960283275
cache-control: public, max-age=31536000
x-goog-stored-content-length: 33710
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 12 Dec 2021 02:08:54 GMT

GET
H/1.1 404
Not Found fonts.css
cloud.typography.com/7410416/7150392/css/ 0
0 1028ms
977ms Stylesheet
text/plain 104.109.54.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/7410416/7150392/css/fonts.css
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.54.208 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-54-208.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 17:17:54 GMT
Cache-Control: must-revalidate, private
Server: AkamaiNetStorage
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10

GET
H2 200 instapage-cm.js Show response
d1hdjv7b05hja2.cloudfront.net/js/ 6 KB
3 KB 45ms
9ms Script
application/javascript 2600:9000:206f:9a00:b:dc44:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1hdjv7b05hja2.cloudfront.net/js/instapage-cm.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9a00:b:dc44:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5210aedcd10bcdfc493fefc5d967eb4fd769a21163befc87f32f0b54a04ef9e

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Dec 2020 22:52:56 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 18:19:12 GMT
server: AmazonS3
age: 411898
etag: W/"5e55e3160c6bfd69c40b085adba4d6c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Vv6ILrLYfF4eD3_9uK6fz5hw-ybSezEKRCmPUiAKpcVQJc6gc8N96A==

GET
H2 200 lib.js Show response
heatmap-events-collector.instapage.com/static/ 24 KB
9 KB 371ms
122ms Script
application/javascript 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/static/lib.js

Requested by

Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

Resource Hash

9f4331078abd467835bcf0b2367872f497045d37ebfb32fe7d9f82cf6843d282

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
strict-transport-security: max-age=315360000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 24 Dec 2020 13:03:08 GMT
x-frame-options: SAMEORIGIN
date: Thu, 24 Dec 2020 17:17:53 GMT
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 24 Dec 2020 17:22:53 GMT

GET
H2 200 it.js Show response
cdn.instapagemetrics.com/t/js/ 111 KB
33 KB 172ms
139ms Script
application/javascript 34.120.27.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instapagemetrics.com/t/js/it.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.27.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.27.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 07719ec79181a87caf2cb7ea5bd35945a3e9f46cc41b6917775ef096b76929d2

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 17:17:54 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Ux4723N0tnuXiLQn5QkwTsMUVG-OjGhUfGe_TufbSKbeRKSVLVT9Yxo5Y_MRUpO58QauxoXkMFpxMwTX1OzFN4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-meta-tracker-version: 2.15.0
alt-svc: clear
content-length: 33128
last-modified: Mon, 24 Aug 2020 17:06:45 GMT
server: UploadServer
etag: "318e77f6c3e7c333b55428540c33901b"
x-goog-hash: crc32c=KvIaMQ==, md5=MY539sPnwzO1VChUDDOQGw==
x-goog-generation: 1598288805406309
cache-control: no-transform
x-goog-stored-content-length: 33128
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 24 Dec 2021 17:17:54 GMT

GET
H2 200 sptw.js Show response
g.fastcdn.co/js/ 8 KB
3 KB 17ms
16ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/sptw.js
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1abbc438ccbec177464379a4522e624d4a7746eea304c7ac202728c80ebcccd4

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 23:19:49 GMT
content-encoding: gzip
age: 583085
x-guploader-uploadid: ABg5-UzL5CQZcvnCi6ZT4F0wvQ70fvJB5bMTsXBON-kJ187WhcUi6N3Gu-c1qMh9JEOUbrXb2uBDBKzJ0lv_i2bHZQCL9MxavA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 2834
last-modified: Thu, 17 Dec 2020 12:03:00 GMT
server: UploadServer
etag: "6db7500c6576046eb988802b0f231171"
vary: Accept-Encoding
x-goog-hash: crc32c=cwoqgg==, md5=bbdQDGV2BG65iIArDyMRcQ==
x-goog-generation: 1608206580827300
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2834
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 17 Dec 2021 23:19:49 GMT

GET
H2 200 sp-at-v2-14-0.js Show response
images.firstleaf.club/js/ 97 KB
29 KB 91ms
57ms Script
application/javascript 2606:4700:10::6816:2be0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstleaf.club/js/sp-at-v2-14-0.js
Requested by: Host: d1hdjv7b05hja2.cloudfront.net
URL: https://d1hdjv7b05hja2.cloudfront.net/js/instapage-cm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2be0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb92ab9eefa3b6e3f6313d9a4194715887b0b8442d7be6cd1a472db7e810e5a

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 17:17:54 GMT
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: OSL50-C1
cf-polished: origSize=100349
x-cache: Hit from cloudfront
content-encoding: br
cf-request-id: 07375ae39500004a8c033cc000000001
last-modified: Mon, 27 Jul 2020 04:28:00 GMT
server: cloudflare
etag: W/"8dba669b94e3865c9205ef8fd15ee4d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=5356800
cf-ray: 606bfa7f5f614a8c-FRA
x-amz-cf-id: rAJrdZ-LDtBrU3VzguRnPCXaALrsKPDHENL6ccuzR1KgBVDUAPg3QQ==
cf-bgj: minify

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 47674325-0-maja-petric-vGQ49l9I.jpg
v.fastcdn.co/u/814df80e/ 2 MB
2 MB 532ms
482ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/47674325-0-maja-petric-vGQ49l9I.jpg
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c6bc1133c7307e4ef7476d9f3bad729aea0e818583819a1660996dd2e968da84

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 17:17:54 GMT
x-guploader-uploadid: ABg5-UydVo_TtgBB5kH05yOeyUK1CzK7qoAzwZQedZGIWy1bZQYO8ESti1ZKypnCR0V7c53AKrT8wsfKp9Zm7XIvw1ls2BiM3Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Jan 2021 15:57:37 GMT
x-goog-meta-content-length: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2036350
last-modified: Fri, 22 Nov 2019 23:57:38 GMT
server: UploadServer
etag: "563435cb8c6b1ecca484ac7d069c72e4"
x-goog-hash: crc32c=9qPFXw==, md5=VjQ1y4xrHsykhKx9Bpxy5A==
x-goog-generation: 1574467058220753
cache-control: max-age=315360000, public
x-goog-stored-content-length: 2036350
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 24 Dec 2021 17:17:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 33ms
13ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.latimeswine.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 564596
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 18 Dec 2021 04:27:58 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v21/ 32 KB
33 KB 20ms
8ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v21/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=latin-ext%2Clatin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.latimeswine.com
Referer: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=latin-ext%2Clatin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 04:29:30 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:30:35 GMT
server: sffe
age: 564504
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33256
x-xss-protection: 0
expires: Sat, 18 Dec 2021 04:29:30 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.latimeswine.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 22:46:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 239485
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Tue, 21 Dec 2021 22:46:29 GMT

GET
H2 200 visit
anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/ 35 B
293 B 358ms
117ms Image
application/octet-stream 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/visit?api_key=de66b53ec67a4e32bdfd91a4faed0eab7e6deea8d56f720c92cc9befec673d807fb1a5bb91cbf66be5ce76a2d0f970796b4393498d1f9f53714c777fabf0324539dea42a59fc3fa7753fa174bfef31b758a9467fd8a07eeb0b09e0358cb8bb44fe8b3d5a174849214cf78012e9260b20b512ccacf09edf7a6edb53fa32e1839fd1f33d1bc53be622a4451760b1d2e055&data=eyJwYWdlX3VybCI6Imh0dHBzOi8vd3d3LmxhdGltZXN3aW5lLmNvbS93aHktbGF0aW1lc3dpbmU/cmV2X2NhbXBhaWduX2lkPTc2MzIwMyZ1dG1fc291cmNlPXJldmNvbnRlbnQmcmNfdXVpZD00YzFjMDhjYS04NTkzLTQ5NGItYTc0Yi04ZWUyZTRhMTkxM2EiLCJvd25lcl9pZCI6MTk3MzQ3NiwiY3VzdG9tZXJfaWQiOjIzNDQwOTEsInBhZ2VfaWQiOjE5NTI2OTE1LCJwdWJsaXNoZWRfdmVyc2lvbiI6NSwidmFyaWF0aW9uX25hbWUiOiJBIiwidmFyaWF0aW9uX2lkIjoxLCJsaW5rZWRfdmFyaWF0aW9uX2lkIjoyLCJ2YXJpYXRpb24iOiJBIiwicXVhbnRpdHkiOjEsImluaXRpYWxfcmVzcG9uc2l2ZV9tb2RlIjpudWxsLCJzdGF0aWNfcGFnZSI6ZmFsc2UsImphdmFzY3JpcHQiOnRydWUsInZpZXdwb3J0X2hlaWdodCI6MTIwMCwidmlld3BvcnRfd2lkdGgiOjE2MDAsImNhbXBhaWduX2lkIjpmYWxzZSwiYWRfaWQiOmZhbHNlLCJjYW1wYWlnbl9zb3VyY2UiOmZhbHNlLCJ2aXNpdGVkIjowLCJyZXNwb25zaXZlX21vZGUiOm51bGwsInJlZiI6Imh0dHBzOi8vaHRtbC1saW5rLnJldmNvbnRlbnQuY29tL2NsaWNrLz9pZD0xMTIxNjMma2V5PWYyOTMwMmYxLTllNjEtMzExNi1iNWFkLTY5YmE3ZTlkMTk4NyZhZmZpbGlhdGVfaWQ9NTgxNjEmc2l6ZT0zMDB4MjUwJmxpX2RpZD1mMjkzMDJmMS05ZTYxLTMxMTYtYjVhZC02OWJhN2U5ZDE5ODcifQ==&t=1608830274501

Requested by

Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 17:17:54 GMT
referrer-policy: same-origin
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding, Origin
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H2 200 46591755-0-Wines.png
v.fastcdn.co/u/814df80e/ 327 KB
328 KB 18ms
18ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/46591755-0-Wines.png
Requested by: Host: www.latimeswine.com
URL: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: f901caeac232fa90c5fe757482f70b3f3bffbdb66539393e478da564c5c880de

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 17:17:54 GMT
x-goog-stored-content-length: 334972
age: 36783793
x-guploader-uploadid: AEnB2UoPdKry-DXFPIjIDm7iB4fsII_OPdKHz1Ux0_FVurAp-TQLotCaq5ITcA1zdjXJg2iDcbc2J1px3WSM3TPw8C56gkICJg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 27 Nov 2020 08:06:33 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334972
last-modified: Mon, 07 Oct 2019 16:06:33 GMT
server: ECS (amb/6B89)
etag: "1f62caca1165f26b9d0dfb40f7851223"
x-goog-hash: crc32c=Ziz9MQ==, md5=H2LKyhFl8mudDftA94USIw==
content-type: image/png
x-goog-generation: 1570464393643785
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Fri, 24 Dec 2021 17:17:54 GMT

OPTIONS
H2 200 pipeline
ct.firstleaf.club/prh/ Frame 0
0 460ms
426ms Other 2606:4700:10::ac43:1a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.firstleaf.club/prh/pipeline
Protocol: H2
Server: 2606:4700:10::ac43:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.latimeswine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Dec 2020 17:17:54 GMT
content-length: 0
access-control-allow-origin: https://www.latimeswine.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-max-age: 5
cf-cache-status: DYNAMIC
cf-request-id: 07375ae40600002b959687b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 606bfa800e542b95-FRA

POST
H2 200 pipeline Show response
ct.firstleaf.club/prh/ 2 B
346 B 437ms
436ms XHR
text/plain 2606:4700:10::6816:2be0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.firstleaf.club/prh/pipeline
Requested by: Host: images.firstleaf.club
URL: https://images.firstleaf.club/js/sp-at-v2-14-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2be0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 17:17:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 606bfa82ba2c4a8c-FRA
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.latimeswine.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2
cf-request-id: 07375ae5b100004a8c08bee000000001

OPTIONS
H2 200 two
ec.instapagemetrics.com/t/ Frame 0
0 355ms
116ms Other 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Protocol

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

akka-http/10.1.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.latimeswine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.latimeswine.com
access-control-max-age: 5
date: Thu, 24 Dec 2020 17:17:55 GMT
referrer-policy: same-origin
server: akka-http/10.1.10
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 0

POST
H2 200 two Show response
ec.instapagemetrics.com/t/ 2 B
440 B 355ms
118ms XHR
text/plain 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Requested by

Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/it.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

akka-http/10.1.10 /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 17:17:55 GMT
referrer-policy: same-origin
server: akka-http/10.1.10
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.latimeswine.com
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 201 raw-data Show response
heatmap-events-collector.instapage.com/api/ 33 B
648 B 386ms
153ms Fetch
application/json 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/api/raw-data

Requested by

Host: heatmap-events-collector.instapage.com
URL: https://heatmap-events-collector.instapage.com/static/lib.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

Resource Hash

aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.latimeswine.com/why-latimeswine?rev_campaign_id=763203&utm_source=revcontent&rc_uuid=4c1c08ca-8593-494b-a74b-8ee2e4a1913a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin, Accept-Encoding
content-length: 33
x-xss-protection: 1; mode=block
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
date: Thu, 24 Dec 2020 17:18:02 GMT
expect-ct: max-age=0
strict-transport-security: max-age=315360000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.latimeswine.com
access-control-allow-credentials: true
etag: W/"21-OGHiFV/OrNujBxibS2uM6bqKAHs"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: data.ad-score.com
URL: https://data.ad-score.com/data/cors?s=rdr_url&pm_st=hCemQyZKnZzVSHsnkPcoAsRePlxjEzsn-FE7fPshldVrrKDwd3nLLFUnGNA==-E0zBNMVlbVfjMQ==&pm_ct=pm_click_id_fdab31d5bbcdf43ac6b4794948b0fda4&pm_pl=1608830272346&pm_td=897&pid=1000177&en=1.1&callback=__pm_glbl_xKKpF1mSI2nZgqGc6uWqWnkZ._gc5&v=da592e5

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.latimeswine.com/	1970-01-20 08:25:02	Name: _sp_id.a299 Value: 76f32313-ad41-4690-91d6-3e40354cc62b.1608830275.1.1608830275.1608830275.93afa266-5ffa-41bf-88e9-af3456429b94
			.latimeswine.com/	1970-01-19 14:53:52	Name: _sp_ses.a299 Value: *

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6(Line 182) Message: [object Text]
console-api	debug	URL: https://js.ad-score.com/score.min.js?s=rdr_url&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&pid=1000177&tid=revcontent-API&l1=110071&l2=2.liveintent.com&l3=112163&l4=&l5=&l6=&pm_click_id=fdab31d5bbcdf43ac6b4794948b0fda4&ref=&pub_domain=&utid=4f93e317-f925-4f17-a17c-d88dc7798ae5&uid=9943ed4edc4bf8f342759aa8fab72fba&uip=185.212.171.67&cb=5fe4cd40237d6(Line 165) Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anthill.instapage.com
cdn.instapagemetrics.com
cloud.typography.com
ct.firstleaf.club
d.liadm.com
d1hdjv7b05hja2.cloudfront.net
data.ad-score.com
ec.instapagemetrics.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
heatmap-events-collector.instapage.com
html-link.revcontent.com
images.firstleaf.club
js.ad-score.com
p.liadm.com
sli.law360news.com
v.fastcdn.co
www.latimeswine.com
data.ad-score.com
104.109.54.208
107.178.254.45
130.211.115.4
192.229.133.208
2.16.186.137
2600:9000:206f:9a00:b:dc44:3680:21
2600:9000:2127:b400:a:deb0:3380:93a1
2606:4700:10::6816:2be0
2606:4700:10::ac43:1a84
2a00:1450:4001:802::200a
2a00:1450:4001:81e::2003
34.120.27.38
34.224.147.78
34.228.136.138
35.222.120.150
35.244.137.202
52.204.11.212
07719ec79181a87caf2cb7ea5bd35945a3e9f46cc41b6917775ef096b76929d2
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1678dbfa1acaf623177ec3565f29bab94c07019f1843af1322e3f457ec39fc73
1abbc438ccbec177464379a4522e624d4a7746eea304c7ac202728c80ebcccd4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
556193c41c1ca578a9ccdf90e52d08e4ce84019d3121797fa906dc40a23f19e0
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f5477a710acd60f3ae1326e39434f104c9069f61cd8c2d15333702e3d176ad2
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7a69efa7f043d1309d50f5d70776d810d4cd44833f5275f9753b8a3384cf8e50
7eaf6d6e90aeb3e0280c5568dc5781f871afe48df3a034438f667a3b395a0fae
939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3
95bdb8a3cd90e91621c9e68d4b157dd7fedab021ee89e9e173d17f93f0f03305
9ac4fdee1269c40685495094e890d216d8c1bdf5d2590046dc6c3701e8b7fd5b
9f4331078abd467835bcf0b2367872f497045d37ebfb32fe7d9f82cf6843d282
a225a27c5de689c7c236c842afa4a7c9e7bdc53ffc2f05ff65c9855dea878001
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
c5210aedcd10bcdfc493fefc5d967eb4fd769a21163befc87f32f0b54a04ef9e
c6bc1133c7307e4ef7476d9f3bad729aea0e818583819a1660996dd2e968da84
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
ed6751930ca9bbf54be9040c415e7e0db6f637854c5b886f9536cb1c5ae633bf
eeca3b6c9a50c2313fa01184856857911dce5be863c0e990b1c047b5f9b59084
f901caeac232fa90c5fe757482f70b3f3bffbdb66539393e478da564c5c880de
ffb92ab9eefa3b6e3f6313d9a4194715887b0b8442d7be6cd1a472db7e810e5a

www.latimeswine.com Open in urlscan Pro 107.178.254.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

94 %HTTPS

35 %IPv6

13 Domains

19 Subdomains

15 IPs

4 Countries

2653 kBTransfer

3231 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.latimeswine.com Open in urlscan Pro
107.178.254.45 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

94 %
HTTPS

35 %
IPv6

13
Domains

19
Subdomains

15
IPs

4
Countries

2653 kB
Transfer

3231 kB
Size

2
Cookies

34 HTTP transactions
4 data transactions