ew.com Open in urlscan Pro
13.225.78.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ew.com/
Effective URL:
https://ew.com/
Submission: On September 24 via manual (September 24th 2021, 5:11:27 pm UTC) from AU — Scanned from DE

Summary HTTP 221 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 69 IPs in 9 countries across 47 domains to perform 221 HTTP transactions. The main IP is 13.225.78.93, located in United States and belongs to AMAZON-02, US. The main domain is ew.com.
TLS certificate: Issued by Amazon on March 2nd 2021. Valid for: a year.

This is the only time ew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:2400:d:2820:3bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:ae00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.224.197.80 13.224.197.80	16509 (AMAZON-02) (AMAZON-02)
2	13.224.193.50 13.224.193.50	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:c00:19:bcbe:a700:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:c000:11:e0c9:84c0:21	16509 (AMAZON-02) (AMAZON-02)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
19	13.224.193.15 13.224.193.15	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.224.186.4 13.224.186.4	16509 (AMAZON-02) (AMAZON-02)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.192.135.64 18.192.135.64	16509 (AMAZON-02) (AMAZON-02)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.207.5.56 52.207.5.56	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.193.48 13.224.193.48	16509 (AMAZON-02) (AMAZON-02)
1	52.21.208.222 52.21.208.222	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	50.112.221.239 50.112.221.239	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:600... 2600:1f14:600:6e00:77cb:3957:e000:1f7f	16509 (AMAZON-02) (AMAZON-02)
1	3.211.187.86 3.211.187.86	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	52.86.130.105 52.86.130.105	14618 (AMAZON-AES) (AMAZON-AES)
19	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.211.168.6 35.211.168.6	19527 (GOOGLE-2) (GOOGLE-2)
2 4	3.120.169.248 3.120.169.248	16509 (AMAZON-02) (AMAZON-02)
4 4	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 4	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
3 6	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
7 10	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1 3	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
221	69

21 13.225.78.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

ew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2400:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

karma.mdpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ae00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.197.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-80.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-50.fra2.r.cloudfront.net

cdn.selectablemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c00:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:c000:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)

d9jj3mjthpub.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.224.193.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-15.fra2.r.cloudfront.net

imagesvc.meredithcorp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

meredith.dap.akadns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

meredith-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.5.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-5-56.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-48.fra2.r.cloudfront.net

ddrvjrfwnij7n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.208.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-208-222.compute-1.amazonaws.com

api.sele.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.112.221.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-221-239.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:600:6e00:77cb:3957:e000:1f7f (Boardman, United States)

ASN16509 (AMAZON-02, US)

aamapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.187.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-187-86.compute-1.amazonaws.com

api-ntv.sele.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.86.130.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-130-105.compute-1.amazonaws.com

trk-sp.sele.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com

sofia.trustx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.169.248 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.143.99 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.252 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.242.197 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.130 (Mountain View, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.83.225 (Beauharnois, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	249 KB
25	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	213 KB
21	ew.com 1 redirects ew.com	605 KB
19	meredithcorp.io imagesvc.meredithcorp.io	297 KB
11	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	24 KB
10	rubiconproject.com 4 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	19 KB
8	sele.co api.sele.co api-ntv.sele.co trk-sp.sele.co	6 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com as-sec.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
7	google.com adservice.google.com ampcid.google.com www.google.com	3 KB
7	segment.com cdn.segment.com	66 KB
6	adsrvr.org 3 redirects match.adsrvr.org	2 KB
6	cookielaw.org cdn.cookielaw.org	153 KB
5	googletagservices.com www.googletagservices.com	183 KB
5	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	20 KB
5	openx.net meredith-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
5	bidswitch.net 2 redirects grid.bidswitch.net x.bidswitch.net	2 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	41 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	cloudfront.net d30qdagvt44524.cloudfront.net d9jj3mjthpub.cloudfront.net ddrvjrfwnij7n.cloudfront.net	6 KB
3	onaudience.com 2 redirects pixel.onaudience.com	1 KB
3	simpli.fi 1 redirects um.simpli.fi	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	2mdn.net s0.2mdn.net	133 KB
3	segment.io api.segment.io	403 B
3	indexww.com js-sec.indexww.com	15 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	yahoo.com 1 redirects ads.yahoo.com pr-bh.ybp.yahoo.com	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	rlcdn.com api.rlcdn.com id.rlcdn.com	321 B
2	google.se ampcid.google.se www.google.se	997 B
2	google-analytics.com www.google-analytics.com	20 KB
2	akadns.net meredith.dap.akadns.net	1 KB
2	facebook.net connect.facebook.net	79 KB
2	selectablemedia.com cdn.selectablemedia.com	37 KB
2	chartbeat.com static.chartbeat.com mab.chartbeat.com	10 KB
2	mdpcdn.com karma.mdpcdn.com	119 KB
1	adgrx.com cm.adgrx.com	408 B
1	trustx.org sofia.trustx.org	275 B
1	gstatic.com www.gstatic.com	11 KB
1	aamapi.com aamapi.com	180 B
1	googletagmanager.com www.googletagmanager.com	110 KB
1	google.de adservice.google.de	853 B
1	rkdms.com id.sv.rkdms.com	160 B
1	onetrust.com geolocation.onetrust.com	374 B
0	quantserve.com Failed pixel.quantserve.com Failed
221	47

	Domain	Requested by
21	ew.com	1 redirects ew.com
19	pagead2.googlesyndication.com	ew.com 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
19	tpc.googlesyndication.com	9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com ew.com tpc.googlesyndication.com securepubads.g.doubleclick.net
19	imagesvc.meredithcorp.io	ew.com
10	cm.g.doubleclick.net	7 redirects eu-u.openx.net
7	cdn.segment.com	ew.com cdn.segment.com
6	match.adsrvr.org	3 redirects eu-u.openx.net ssum-sec.casalemedia.com
6	googleads4.g.doubleclick.net	ew.com
6	trk-sp.sele.co	ew.com
6	cdn.cookielaw.org	ew.com cdn.cookielaw.org
5	www.google.com	ew.com 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com tpc.googlesyndication.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
5	9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	ew.com securepubads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	pm.w55c.net	4 redirects
4	x.bidswitch.net	2 redirects ssum-sec.casalemedia.com
4	ib.adnxs.com	1 redirects karma.mdpcdn.com acdn.adnxs.com
3	pixel.rubiconproject.com
3	pixel.onaudience.com	2 redirects ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	um.simpli.fi	1 redirects ssum-sec.casalemedia.com ads.pubmatic.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	sync.mathtag.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	eu-u.openx.net	karma.mdpcdn.com eu-u.openx.net
3	s0.2mdn.net	9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com ew.com
3	googleads.g.doubleclick.net	9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
3	api.segment.io	cdn.segment.com
3	c.amazon-adsystem.com	karma.mdpcdn.com c.amazon-adsystem.com
3	js-sec.indexww.com	karma.mdpcdn.com ssum-sec.casalemedia.com
2	simage2.pubmatic.com	ads.pubmatic.com
2	loada.exelator.com	2 redirects
2	d5p.de17a.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	eus.rubiconproject.com	karma.mdpcdn.com eus.rubiconproject.com
2	ads.pubmatic.com	karma.mdpcdn.com ads.pubmatic.com
2	www.google-analytics.com	cdn.segment.com www.google-analytics.com
2	meredith.dap.akadns.net	karma.mdpcdn.com
2	connect.facebook.net	ew.com connect.facebook.net
2	www.instagram.com	1 redirects ew.com
2	d9jj3mjthpub.cloudfront.net	ew.com
2	cdn.selectablemedia.com	karma.mdpcdn.com cdn.selectablemedia.com
2	karma.mdpcdn.com	ew.com karma.mdpcdn.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com
1	id.rlcdn.com
1	image4.pubmatic.com	ads.pubmatic.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	us-u.openx.net	eu-u.openx.net
1	sofia.trustx.org
1	acdn.adnxs.com	karma.mdpcdn.com
1	api.rlcdn.com	karma.mdpcdn.com
1	www.gstatic.com	9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
1	www.google.se	ew.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api-ntv.sele.co	cdn.selectablemedia.com
1	aamapi.com	karma.mdpcdn.com
1	ampcid.google.se	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	www.googletagmanager.com	cdn.segment.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	api.sele.co	cdn.selectablemedia.com
1	ddrvjrfwnij7n.cloudfront.net	ew.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	fastlane.rubiconproject.com	karma.mdpcdn.com
1	hbopenbid.pubmatic.com	karma.mdpcdn.com
1	meredith-d.openx.net	karma.mdpcdn.com
1	grid.bidswitch.net	karma.mdpcdn.com
1	htlb.casalemedia.com	karma.mdpcdn.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	mab.chartbeat.com	static.chartbeat.com
1	platform.instagram.com	1 redirects
1	d30qdagvt44524.cloudfront.net	karma.mdpcdn.com
1	static.chartbeat.com	ew.com
0	pixel.quantserve.com Failed	eu-u.openx.net
221	81

This site contains links to these domains. Also see Links.

Domain
secure.ew.com
x.specialoffers.meredith.com
w1.buysub.com
www.magazine.store
backissues.ew.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com
www.snapchat.com
www.meredithcontentlicensing.com
www.4yourhealth.com
www.allrecipes.com
www.allpeoplequilt.com
www.bhg.com
www.bizrateinsights.com
www.bizratesurveys.com
www.cookinglight.com
www.dailypaws.com
www.eatingwell.com
www.eatthis.com
www.foodandwine.com
www.health.com
hellogiggles.com
www.instyle.com
www.marthastewart.com
www.midwestliving.com
www.more.com
www.myrecipes.com
www.mywedding.com
www.myfoodandfamily.com
www.my.life
www.parenting.com
www.parents.com
people.com
peopleenespanol.com
www.rachaelraymag.com
www.realsimple.com
serpadres.com
www.shape.com
siempremujer.com
www.southernliving.com
swearby.com
www.travelandleisure.com
www.meredith.com
www.onetrust.com

Subject Issuer	Validity	Valid
ew.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
karma.mdpcdn.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.selectablemedia.com Amazon	`2020-11-05` - `2021-12-06`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.meredithcorp.io Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
meredith.dap.akadns.net R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
grid.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-15` - `2021-10-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
securedvisit.com Amazon	`2020-12-31` - `2022-01-28`	a year	crt.sh
api.sele.co Amazon	`2020-11-06` - `2021-12-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
aamapi.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
sofia.trustx.org Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-29`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh

This page contains 22 frames:

Primary Page: https://ew.com/
Frame ID: 150C0E6359F524C9B3649C3BC8245A6C
Requests: 124 HTTP requests in this frame

Frame: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34B39DD6AE6757E8CF437CA1EEE26E85
Requests: 1 HTTP requests in this frame

Frame: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 70CBA3B83FADB3F8761E0AC7E390EDF9
Requests: 12 HTTP requests in this frame

Frame: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 15B3CC27D17ACBBE1E8F9C2258F179BE
Requests: 13 HTTP requests in this frame

Frame: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42AA5C5CEF23682B61953AABE91D3BD7
Requests: 13 HTTP requests in this frame

Frame: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D641C07F4F77E1800D266A63E356319
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXftcgCEPLV5MwCGOj8trUBMAE&v=APEucNXvCfyJopx5H9g8QcTwoqizZYWmxR-BlZT3sJOFrTtmnEQmmwIemN3ZM1hKAN-WKyE50ye-q6ypp0bvIcjdd5HmHXU-SQ
Frame ID: EDA47D7B3E86C9F82741448CFD49A534
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXftcgCEPLV5MwCGOj8trUBMAE&v=APEucNUqdnQc1zFxDbi5eP63CgKW-IGcOFU-_ZqQyZIfB4TQW-qsDVi1IFa9QmofkBggAsG_6EQ5fIIzwWyaoyZH1MKU-YTi5g
Frame ID: 498FA1137C6BCEB49CFF9C2EF88B3F90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXftcgCEPLV5MwCGPjxtrUBMAE&v=APEucNUpFspY0ceCcTwSCD8cTGwGeWag5gh15yycmo5Kp6MXe8yyRqParqwh8rm8RosC8OEO5zGWCCJnunvOW-OOq_5Ii0B18w
Frame ID: 37F6E3F3BA7E53A7996E7A1A9BABA3B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 227E6CCC8DAF1D626B91955B16CD3E03
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 644080DB1E8F67D3C67B43F43723E32C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 47B2A2AF6C0114B5B8D8D7958C9A9142
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 26A846DE4B3B6206B81F9C32CDEEE7D4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4198436FADDC5E22774CE5519A755C68
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Frame ID: B24108559057DC101FBA084CCEE2CF74
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F75E0D5F6CEC1772C72C7E102C5035FC
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
Frame ID: 79FAF6A93B4E43CB2E71AB706E83E645
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 321605B0DBC66009FC4719DF08910052
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C3C6DF547A968CF53AAFF9EBDE17550B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 23F784B1FFBCEF2305002B989F03AF8A
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7EC4BA48-FB2E-46A6-8527-EE62B7C103B8
Frame ID: 2BD0416670B455E17F3E5D270CC8D085
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809645276614996871
Frame ID: 4FCEE1348610C2CC43A90BC457269463
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entertainment News for Pop Culture Fans - Entertainment WeeklyEntertainment WeeklyEntertainment WeeklyEntertainment WeeklyEntertainment WeeklyEntertainment WeeklyEntertainment WeeklyEntertainment WeeklyBack ButtonFilter Button

Page URL History Show full URLs

http://ew.com/ HTTP 301
https://ew.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

221
Requests

99 %
HTTPS

41 %
IPv6

47
Domains

81
Subdomains

69
IPs

9
Countries

2526 kB
Transfer

8008 kB
Size

73
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.ew.com/common/profile/member/optout/
Title: Email Preferences

Search URL Search Domain Scan URL

URL: https://x.specialoffers.meredith.com/ats/show.aspx?cr=588&fm=226
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://w1.buysub.com/servlet/CSGateway?cds_mag_code=EWK
Title: Manage Your Subscription this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.magazine.store/entertainment-weekly/
Title: Give a Gift Subscription this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://backissues.ew.com/storefront/cBackissuesEW2018-p1.html
Title: Order Past Issues this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.magazine.store/entertainment-weekly/?utm_source=ew.com&utm_medium=owned&utm_campaign=i905ewr1w1211
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.magazine.store/entertainment-weekly/?utm_source=ew.com&utm_medium=owned&utm_campaign=i905ewr5w1211
Title: Subscribe this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://twitter.com/EW/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ewmagazine/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ew/

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/discover/Entertainment-Weekly/1015541732

Search URL Search Domain Scan URL

URL: https://www.meredithcontentlicensing.com/
Title: Content Licensing this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://x.specialoffers.meredith.com/ats/show.aspx?cr=588&fm=226&regSource=18012
Title: Subscribe to Our Newsletter

Search URL Search Domain Scan URL

URL: https://www.4yourhealth.com/
Title: 4 Your Health this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.allrecipes.com/
Title: Allrecipes this link opens in a new tab

Search URL Search Domain Scan URL

URL: http://www.allpeoplequilt.com/
Title: All People Quilt this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.bhg.com/
Title: Better Homes & Gardens this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.bizrateinsights.com/
Title: Bizrate Insights this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.bizratesurveys.com/
Title: Bizrate Surveys this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.cookinglight.com/
Title: Cooking Light this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.dailypaws.com/
Title: Daily Paws this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.eatingwell.com/
Title: EatingWell this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.eatthis.com/
Title: Eat This, Not That this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.foodandwine.com/
Title: Food & Wine this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.health.com/
Title: Health this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://hellogiggles.com/
Title: Hello Giggles this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.instyle.com/
Title: Instyle this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.marthastewart.com/
Title: Martha Stewart this link opens in a new tab

Search URL Search Domain Scan URL

URL: http://www.midwestliving.com/
Title: Midwest Living this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.more.com/
Title: More this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.myrecipes.com/
Title: MyRecipes this link opens in a new tab

Search URL Search Domain Scan URL

URL: http://www.mywedding.com/
Title: MyWedding this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.myfoodandfamily.com/
Title: My Food and Family this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.my.life/
Title: MyLife this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.parenting.com/
Title: Parenting this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.parents.com/
Title: Parents this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://people.com/
Title: People this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://peopleenespanol.com/
Title: People en Español this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.rachaelraymag.com/
Title: Rachael Ray Magazine this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.realsimple.com/
Title: Real Simple this link opens in a new tab

Search URL Search Domain Scan URL

URL: http://serpadres.com/
Title: Ser Padres this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.shape.com/
Title: Shape this link opens in a new tab

Search URL Search Domain Scan URL

URL: http://siempremujer.com/
Title: Siempre Mujer this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.southernliving.com/
Title: Southern Living this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://swearby.com/
Title: SwearBy this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.travelandleisure.com/
Title: Travel & Leisure this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/nmg/privacy
Title: Privacy Policythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal-ti/ew/privacy_terms_service.html
Title: Terms of Servicethis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/adchoices
Title: Ad Choicesthis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal/web-accessibility
Title: Web Accessibilitythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ew.com/ HTTP 301
https://ew.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 193

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dthemediagrid%26bsw_param%3Ddff938f9-f059-4202-be2f-7ecc059b9ff0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dthemediagrid%26bsw_param%3Ddff938f9-f059-4202-be2f-7ecc059b9ff0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=79&user_id=ErPQNhiM1MtOJj5&expires=30&ssp=themediagrid&bsw_param=dff938f9-f059-4202-be2f-7ecc059b9ff0

Request Chain 194

https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 195

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1ae614e-06b9-4b00-b788-31a91d7bc8d5

Request Chain 197

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2820295454859152894

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEILrxbP24vkawu9jNOy6eb4&google_cver=1

Request Chain 204

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 205

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU4GuXkMYcW3cUTfE4ZsIgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM27hccN2dLDJ3FQm3ivsh8&google_cver=1&gdpr=1

Request Chain 206

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB&dcc=t

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEryNonQrCZj7oJmQAilUiQ&google_cver=1

Request Chain 210

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 211

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ErPQNhiM1MtOJj5&gdpr=1

Request Chain 216

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809645276614996871

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fsS6SPsuRqaFJ-5it8EDuA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d1ae614e-06b9-4b00-b788-31a91d7bc8d5

Request Chain 219

https://pixel.onaudience.com/?partner=214&mapped=7EC4BA48-FB2E-46A6-8527-EE62B7C103B8 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=13fdbcd8-60e7-4186-97d6-23e1568d2f23&icm HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=510ffd4198dd4b0914c08b055f10a18a

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0VDNEJBNDgtRkIyRS00NkE2LTg1MjctRUU2MkI3QzEwM0I4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPypNB8SWNhcdbq-NoN9_hA&google_cver=1

Request Chain 223

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=13fdbcd8-60e7-4186-97d6-23e1568d2f23

Request Chain 224

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6152023782419581133

Request Chain 225

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d1ae614e-06b9-4b00-b788-31a91d7bc8d5&expires=28

Request Chain 226

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM3YjgzMGUwZTFiNWZiNmJkMDdjMTFjM2MzZmUwZjFhODdkNzA1Nw

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELVQ0coHsJkLw3pV9dC6SMc&google_cver=1

Request Chain 230

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RZTUY1TlMtMTYtQzZUMg==

Request Chain 231

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KTYMF5NS-16-C6T2&sigv=1&esig=2~b828c89c8cb076d962a0acbf98c3efc3292e6626

Request Chain 232

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/o_3ht0gaesZpjsZprQVjg8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4200369850540108250

221 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ew.com/
Redirect Chain

http://ew.com/
https://ew.com/

500 KB
53 KB

3331ms
3312ms

Document
text/html

13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b19df80af6f0ef82f62caa83de9ed0b447120fee77802912030e89766a8c5a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ew.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Fri, 24 Sep 2021 17:11:17 GMT
server: nginx
x-powered-by: Element
cache-control: max-age=30
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
referrer-policy: no-referrer-when-downgrade
x-content-type: content-type-homepage
x-content-type-options: nosniff
x-element-page-cache: MISS
etag: W/"7ce28-Bg9jroqppN/yeFCHLma+Cri/Y48"
content-encoding: gzip
x-edge-origin-shield-skipped: 0 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Z-z3zA5IdMbzj-XYn3_i_jGVfqMpFBTM05Iw9nCt6BzizNXdGuapFA==

Redirect headers

Content-Type: text/plain; charset=utf-8
Content-Length: 49
Connection: keep-alive
Date: Fri, 24 Sep 2021 17:11:14 GMT
Server: nginx
X-Powered-By: Element
Location: https://ew.com/
X-Edge-Origin-Shield-Skipped: 0 0
X-Cache: Miss from cloudfront
Via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: _V1iR0jl0s8u9RMwFdJN4Uuyi61vHW9ZIbw4RKCMLu-AApfBhCV3nA==

GET
H2 200 karma.js Show response
karma.mdpcdn.com/service/js-min/ 376 KB
117 KB 92ms
16ms Script
application/javascript 2600:9000:21f3:2400:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/service/js-min/karma.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68f66839ba976e5e84b87f4e9bd8dea1c8fe130b8e0a7b87f7e6ef55c8cc8442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: x5RfUB5Ax4MEwfUXinkvcvwdzSzXeoKz
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 20:00:54 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: W/"31365a863b12de1d1fa0ea9fadec2511"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 24 Sep 2021 17:11:17 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: RmgPMfFX84uX3gd8hSbdg7E2rAVYWm0XTv514dhNK3YX0-0WAZhfow==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
26 KB 43ms
20ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e506883355a4e2a602e6c96aa453ba8329dc93a2ad68c1947243d6f670b45d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "996 / 873 of 1000 / last-modified: 1632481871"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25705
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Sep 2021 17:11:17 GMT

GET
H2 200 fontWoff2.css
ew.com/dist/ 232 KB
176 KB 13ms
13ms Stylesheet
text/css 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/fontWoff2.css
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 8f8c834d2a1046192d4b952180ae9a5dd687697833a4bf75f65fb6c422a8b265

Request headers

:path: /dist/fontWoff2.css
pragma: no-cache
origin: https://ew.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ew.com/
Origin: https://ew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ZBMzahLEun5ftR7f5BN2kcP1zbrJDdVmud-FGnNwAViIWFZsJHXSpA==

GET
H2 200 main.js Show response
ew.com/dist/ 399 KB
121 KB 13ms
12ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/main.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: bea4d699b8253ce6d62a29b6617629b09d6d1bb0f125186c1b5652f2b26ce500

Request headers

:path: /dist/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: RVkw0CJ2-U6QvCjs5RXp6xFaG4ofQA6khbWa7zJ3CP17tpoMxeVtZg==

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 71ms
8ms Script
application/x-javascript 2600:9000:20eb:ae00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ae00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 15:54:25 GMT
content-encoding: gzip
age: 4612
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
last-modified: Thu, 08 Jul 2021 15:47:37 GMT
server: nginx
etag: W/"60e71e19-5a0d"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: INDftZzEnt8c89eu9DvHZy9zexxWLzDPvSqp4WsYXNqXZtGQkI0a9g==
expires: Fri, 24 Sep 2021 17:54:25 GMT

GET
H2 200 style.css
ew.com/dist/ 2 MB
206 KB 29ms
29ms Stylesheet
text/css 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/style.css
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 5e8fbd1eced6477b0174f339ca09479fb7fd124c3bec5a286d90eedc0c69975d

Request headers

:path: /dist/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: AZgDbwX1T69L1kD2krc4UGAmZI6u2WlNOvxGdSvIAg2XpJD19m1Yfg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 45ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 1421172
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 693da18f6db45b9e-FRA
expires: Fri, 24 Sep 2021 21:11:17 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/ 86 KB
24 KB 243ms
100ms Script
text/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04221009cebf646673d39ca96b0c2d263fbc92103c0874fbe142998fad3c7262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ty5O1c0DNUiPfBZj5HbZ_aWaCb67S6jG
content-encoding: br
etag: W/"390a6ced656fa01fa71f6906a0961270"
age: 107
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 15 Sep 2021 05:18:17 GMT
server: AmazonS3
date: Fri, 24 Sep 2021 17:10:10 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: NQDQZkAhmy6WfMJytuBuofRwOXTrYUHOeVd-PF8RwGX_yEvN8Gk7lA==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 271b7928be5f7f18e3ede76d139fc282b258c14b26d0ef05d4623d0cb859371b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887f06fc01d48470756bd818c9d5ac08f826f1465e4c875019331e37524a30f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aeb82f5acfe68969d0f588f3f04d81c92d6a311a1c4d153eaac0ddb832d6bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cb1cc6968d4127ccc115422624fae0483e07a09dd659a8ceaf8116d342aad71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 down-arrow.svg
ew.com/img/icons/ 573 B
927 B 10ms
9ms Image
image/svg+xml 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ew.com/img/icons/down-arrow.svg
Requested by: Host: ew.com
URL: https://ew.com/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 781231689f733ffd9e4234bebd13c969cf1d06caea5514fed06189c2e8e4c4a7

Request headers

:path: /img/icons/down-arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ew.com
referer: https://ew.com/dist/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 19:25:48 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 19:15:52 GMT
server: nginx
age: 1374329
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2678400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 573
x-amz-cf-id: xvBI_tIKJkXe5aMinNW9Tp438kqArq07687yoKAsH-xSPzmf4zWyuQ==

GET
H2 200 large-slash.svg
ew.com/img/icons/ 191 B
537 B 8ms
8ms Image
image/svg+xml 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ew.com/img/icons/large-slash.svg
Requested by: Host: ew.com
URL: https://ew.com/dist/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: ee772365ce777dde44e83cb4e94b94c51302a7c33b3126b0b2e602e901cd1c31

Request headers

:path: /img/icons/large-slash.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ew.com
referer: https://ew.com/dist/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/dist/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 19:25:48 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 19:15:52 GMT
server: nginx
age: 1374329
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2678400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 191
x-amz-cf-id: sOZu6VwJ5hkZ_RVPJ6W19md5Kpz2e3nE9XEZl6tfRWJECZdGuE0QpA==

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27b337866aea9dc152dddf06463fcfdfe2eff2007bab75a4ca8907670887ff4f

Request headers

Referer
Origin: https://ew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 37 KB
37 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74057f85bb994a2c8e204971016959c46411f6586380f33c1a45cb84178da80b

Request headers

Referer
Origin: https://ew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11f6d50a8c82ea6786a17d9c849ce648098423f75cc2a7fc6d7ebb2a15162d2e

Request headers

Referer
Origin: https://ew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/ 4 KB
2 KB 27ms
12ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e767be1cbb41ac4bfbed24cb276ae04341448348e6d5b8893656b5669966a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Z6SJBW8hi814es+saRaXMQ==
age: 4141217
vary: Accept-Encoding
content-length: 1479
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 17:33:36 GMT
server: cloudflare
etag: 0x8D930ECDF1D6DCC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 470f5af0-e01e-0171-70bd-8bec8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 693da1911eba5be1-FRA

GET
H2 200 sm_uber.js Show response
cdn.selectablemedia.com/tg/p/bPxqAvRO/js/ 18 KB
7 KB 401ms
145ms Script
application/x-javascript 13.224.193.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.selectablemedia.com/tg/p/bPxqAvRO/js/sm_uber.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-50.fra2.r.cloudfront.net
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 68645e752e4a92d89b1aafdc3d81c1929e5e5e5787586422151a381b5a24574c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:10:10 GMT
content-encoding: gzip
age: 114
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 16:52:02 GMT
server: nginx/1.4.6 (Ubuntu)
etag: "60edc4b2-4960"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: si2E0Hx9yrSzii2U96XLL5FQadrTnJcY9m6pRMQu-0DQblkjUgabbA==
expires: Fri, 24 Sep 2021 17:14:24 GMT

GET
H2 404 segments
d30qdagvt44524.cloudfront.net/production/ 0
0 421ms
376ms Script
application/json 2600:9000:21f3:c00:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=72ce70e7-d2ae-41ad-af78-90c01c692638
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c00:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 enw.mdp.com.json Show response
karma.mdpcdn.com/configs/3.22/ 6 KB
2 KB 25ms
8ms XHR
application/json 2600:9000:21f3:2400:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/configs/3.22/enw.mdp.com.json
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5e94d63dba889b4412cac73fb370f32a133ffa2fcac496d23e8c6657bb3c507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: MIEYD7wnVzZ5K9NKCKNIBkS6ddsBnwfo
content-encoding: gzip
etag: W/"430f4860a1dbaa0388d7b633826badc6"
age: 77
x-cache: Hit from cloudfront
access-control-max-age: 3600
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 19:55:47 GMT
server: AmazonS3
date: Fri, 24 Sep 2021 17:10:10 GMT
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fWQMuVRYOsEgSTC1NCXzLn-TxRddOeZ8qA_5fTDlg9oAbFhV5OZ5uw==

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
374 B 104ms
8ms Image
image/gif 2600:9000:21f3:c000:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.20&type=karma&globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638&request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e&url=https%3A%2F%2Few.com%2F&host=ew.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&muuid_origin=ew.com
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:43 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
age: 2196
etag: "28d6814f309ea289f847c69cf91194c6"
x-edge-origin-shield-skipped: 0
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: pULLk-rEw1Q0lI0RwwN2kRIqzidg3LTJ57MRZIYj33JeGjV9A12UNg==

GET
H2 200 / Show response
ew.com/hermes/ 0
676 B 22ms
21ms XHR
text/plain 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/hermes/?keys=globalTI_SID,muuid_date,last_request_id,visit_ts,previous_ts,first_request_id,pageview_count,hid,muuid_origin&domains=all
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /hermes/?keys=globalTI_SID,muuid_date,last_request_id,visit_ts,previous_ts,first_request_id,pageview_count,hid,muuid_origin&domains=all
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
vary: Origin
access-control-allow-methods: GET,HEAD
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
x-cache: LambdaGeneratedResponse from cloudfront
set-cookie: globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; Domain=.ew.com; Max-Age=63072000; Path=/ last_request_id=; Domain=.ew.com; Max-Age=63072000; Path=/ visit_ts=1632503477935; Domain=.ew.com; Max-Age=63072000; Path=/ previous_ts=; Domain=.ew.com; Max-Age=63072000; Path=/ pageview_count=1; Domain=.ew.com; Max-Age=63072000; Path=/ muuid_origin=ew.com; Domain=.ew.com; Max-Age=63072000; Path=/
content-length: 0
x-amz-cf-id: _t7FQYJGdC86KHA10aMZJqxXmDbRc9pz-1XhnBfxWMzD3mwyTa8cwg==

GET
H2 200 75-4e99ed04.js Show response
ew.com/dist/ 13 KB
5 KB 12ms
12ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/75-4e99ed04.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: bc3f98bb611b2b63d44c3fc30808de76447b0d821afb78075434c76a3b375f56

Request headers

:path: /dist/75-4e99ed04.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 0R-ygvD1GcHY-o5WqyHjtgSA-953n6SkwFK9mcI0iAOmmdZt_UkGEg==

GET
H2 200 8-1fe7a871.js Show response
ew.com/dist/ 12 KB
5 KB 11ms
11ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/8-1fe7a871.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 7f337f0a2be7421bdf955363f2bcf16a2353705ae4b90ac752cb2fcdfbed6da7

Request headers

:path: /dist/8-1fe7a871.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ZHZqE7NOxa4O3c_JLptitb75NJHo34Wc6NCbB6U4zQHjQPymcyZ6IQ==

GET
H2 200 50-692f981d.js Show response
ew.com/dist/ 7 KB
3 KB 20ms
20ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/50-692f981d.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 0cd886ff5717cb667d14f9ebcb8d6952259e67707654e3a0d3714ed0a27e0df9

Request headers

:path: /dist/50-692f981d.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: SOIPHDVBYYVgKqxiitRP7wseCxHTn5Ep8B-G32gZ_ycBmypP4m03jg==

GET
H2 200 12-a4976701.js Show response
ew.com/dist/ 6 KB
2 KB 12ms
12ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/12-a4976701.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: a1ad18bfb35fa470cd23ec8bc7f45ac9b0b4642f537d1a6b180b3b017595000a

Request headers

:path: /dist/12-a4976701.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: JwJbo23KHItTBPTxQQBTEPz1BgA3Z_idep5AbfkeP-PqYpo1-2xNqg==

GET
H2 200 13-4aa365be.js Show response
ew.com/dist/ 8 KB
3 KB 12ms
12ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/13-4aa365be.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 57bc5bd8620ec1923f7e30e7c9e5a4d358ff1f61af94e3c7f2dba5cde1a73848

Request headers

:path: /dist/13-4aa365be.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: WVw8V3NezXvpVAetLPSUL5rzVC7_1kti1RgaZgadUQyLQ5h2DC8-LA==

GET
H2 200 11-32049a34.js Show response
ew.com/dist/ 6 KB
3 KB 12ms
12ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/11-32049a34.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: cb6e264b61d6eaca8ec5179eaf0fb415d8b4f37f7dd596933d8a2a4cd0afe6c8

Request headers

:path: /dist/11-32049a34.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: RfcJHHawC9NwtitBtSgM2vdiqiT1vumGlXu9Y-a9jvwMxoOku57GYA==

GET
H2 200 0-5da4d3fa.js Show response
ew.com/dist/ 18 KB
5 KB 9ms
9ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/0-5da4d3fa.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: d5e3d41683f3537e6590ff6b51cc471905352f5bfa0559ea39ea63d5bd601055

Request headers

:path: /dist/0-5da4d3fa.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:10:33 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
age: 44
x-powered-by: Element
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0 0
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 1aJEOrhZ6stRfHinbkJavLkFR61pm9_LD5xdGmCKKRsP9HH3XObz_w==

GET
H2 200 22-076095ff.js Show response
ew.com/dist/ 5 KB
3 KB 16ms
15ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/22-076095ff.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: a368e2a95d9170498c4421d1d5fe1fbc73c204e4c4e380ccc295561fa863603f

Request headers

:path: /dist/22-076095ff.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: rLN33pF1zPlHM8gC_r7FR8TzAraesCdcNTISYEa_P5iBx7VgD0_2Eg==

GET
H2 200 66-d190c69b.js Show response
ew.com/dist/ 10 KB
3 KB 12ms
10ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/66-d190c69b.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: ca456850275a3f561a8197ebd12f7fd358cb4d7e09ece000b25c9db18b13c165

Request headers

:path: /dist/66-d190c69b.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; visit_ts=1632503477935; previous_ts=; pageview_count=1; muuid_origin=ew.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: x-bv1O-jYf0Xp693xp-RuZKsaYV4oIGC-EvTNeBQXjyISuN_glIqYQ==

GET
H2 200 5-c987312c.js Show response
ew.com/dist/ 8 KB
3 KB 13ms
13ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/5-c987312c.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: 870ac2963acdb89fb8efeb8bc76d8626143d6fdf9ac2f61b09cecb8237ba6d78

Request headers

:path: /dist/5-c987312c.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; visit_ts=1632503477935; previous_ts=; pageview_count=1; muuid_origin=ew.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: jf4RXIRTvQ2PUHycj5uZk2-emoM2kVns48LvUnzyDt2TyWHqNK8z8Q==

GET
H2 200 3-b8c90346.js Show response
ew.com/dist/ 18 KB
7 KB 12ms
12ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/dist/3-b8c90346.js
Requested by: Host: ew.com
URL: https://ew.com/dist/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: ead0da19ace10eea3a647047d2a7c4a979915c3c6fbe7c472f07bd3673334b02

Request headers

:path: /dist/3-b8c90346.js
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; muuid_source=CLIENT; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; visit_ts=1632503477935; previous_ts=; pageview_count=1; muuid_origin=ew.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:28:24 GMT
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 4NlGlyrSO_I0KqCcr0EQ0wBT7jBKiO6XbdMEAIf7OBXuZXYQPO1Yfw==

GET
H2

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

308ms
7ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:19:14 GMT
x-fb-trip-id: 1679558926
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-encoding: br
content-length: 4824

Redirect headers

date: Fri, 24 Sep 2021 17:11:18 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b9b963f69d7f73067a4bafd53ec264896fdd73678b85af1aba3ae551e35897c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QnQXXfe1m/Cjm508F0qPYg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 9msJtLemkUdxnUYcvZ9kRf/GumTylJFtecNLmOyoizBaKXPdOnHSNGkWYGPyuE3Fd+95LeHklgBIpiZAYAhPHg==
x-fb-trip-id: 917726464
x-fb-content-md5: 8fdeabf81c7430e4d27fc9e298559056
x-frame-options: DENY
date: Fri, 24 Sep 2021 17:11:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "775c4d8c04893406ef6285999a868d4a"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Sep 2021 17:21:03 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 143 B
473 B 156ms
104ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=ew.com&domain=ew.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0ec2934fcd51ed2400668d44d491b88cd7d6b458423ba613f0d769744dd11f9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 120
x-served-by: cache-fra19136-FRA
access-control-allow-origin: *
x-timer: S1632503478.050690,VS0,VE97
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 22 Sep 2021 17:11:18 GMT

GET
H2 200 pubads_impl_2021092301.js Show response
securepubads.g.doubleclick.net/gpt/ 338 KB
119 KB 17ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121150
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 08:34:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Sep 2021 17:11:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 155 B
126 B 30ms
16ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3de596d5f3832685a552f53f2b4cc0a23383f113f00c59f962b0e7aa5b7a94d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101
x-xss-protection: 0
expires: Fri, 24 Sep 2021 17:11:18 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/BON3FBilt68aKr0pgANaJJW6i49R33qn/ 25 KB
5 KB 200ms
96ms XHR
application/json 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/BON3FBilt68aKr0pgANaJJW6i49R33qn/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20828ddb10f2d25bcc1c846b05941e12a2b846db03f104ef8e1ae4a8ffcaafe3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 64twPgJOw_F1_jPZwJPBc26bKLqjAunQ
content-encoding: br
etag: W/"ab8ad62e0235d5b85f3883410eec5b32"
age: 9146
x-edge-origin-shield-skipped: 0
access-control-max-age: 3000
x-amz-replication-status: PENDING
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Sep 2021 17:38:04 GMT
server: AmazonS3
date: Fri, 24 Sep 2021 14:39:49 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8akezmDSVeE1eFcwG9ljlhOfSsKXfAUI3mlQoyCu5g6dTNZiKlId2w==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
374 B 55ms
23ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 693da191dc0605c4-FRA

GET
H/1.1 200
OK 184003-52190608802424.js Show response
js-sec.indexww.com/ht/p/ 36 KB
13 KB 47ms
8ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: af34237a192972deb44d32c8f526dec767b3c7a417257a7f0101ad5650b2192e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 17:11:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 17:06:00 GMT
Server: Apache
ETag: "762389-8f90-5ccc0c3013afe"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3418
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12652
Expires: Fri, 24 Sep 2021 18:08:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 268 KB
76 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9bde98c1709a8c29d9d9bfc4427d40e0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3bb646a270a09c0ccd57cfb033c1814f4f1b6c0d356ece55f917995ebff4d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ew.com/
Origin: https://ew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tPGmdIxFcXqT2yQ0BkhKjQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77567
x-fb-rlafr: 0
x-fb-debug: ZM3JggNGGhugscn4Q9K++BsMq0/UcXBzM/Uumie+EBftlSCOtKdK1RszJ0jsOtEg9c51NdNPFMbHX666Pa6Feg==
x-fb-trip-id: 917726464
x-fb-content-md5: 6ddd7dfa3aaefcdaa74623486c55e1ad
x-frame-options: DENY
date: Fri, 24 Sep 2021 17:11:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "89070ece72063e461521aefa857bc08b"
timing-allow-origin: *
expires: Sat, 24 Sep 2022 15:38:43 GMT

GET
H2 200 generic-image.svg
ew.com/img/icons/ 4 KB
2 KB 10ms
7ms Image
image/svg+xml 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ew.com/img/icons/generic-image.svg
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: b91819f022c536b830d58562eb0589022032273de9010c0d8e6993a22ff1d8aa

Request headers

:path: /img/icons/generic-image.svg
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; visit_ts=1632503477935; previous_ts=; pageview_count=1; muuid_origin=ew.com; muuid_source=SERVER
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 12:17:21 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:23:32 GMT
server: nginx
age: 276837
x-powered-by: Element
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0 0
content-type: image/svg+xml
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: cusxkN8aWJETkiAq5UQQB6pvGIwPZ-EOghk4CIPRuqv5BhBV17GjFA==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 65 KB
65 KB 102ms
34ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F24%2Fthe-View.jpg&w=640&h=428&c=sc&poi=%5B640%2C13%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 0a899f30614c66f17d39e785b6b058963e07b3aa2849c68d1b551f05693815dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:35:01 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 16:35:00 GMT
server: nginx/1.16.1
age: 2177
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: TvARx4mnvMO-ZfinH8rzTeqUKTo3uTETaBHk0JRimaeo-10B3zlD0w==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 16 KB
17 KB 100ms
32ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F24%2FDaniel-Craig.jpg&w=316&h=211&c=sc&poi=%5B1020%2C53%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: c087d9beaeff39e003ac053fa134f11f139cdcf44bc78c20de71d20610e10338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:35:01 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 16:35:00 GMT
server: nginx/1.16.1
age: 2177
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4G9tqLDj6qU7EcLL9Vt9Jki1dIXCThtgeMfga8tn8Nr3BDpKkLc6dA==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 16 KB
17 KB 106ms
38ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F24%2FGettyImages-50813206.jpg&w=316&h=211&c=sc&poi=%5B980%2C306%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 4aace3cf04b0852e4dfd59ee463a4b48dc574affbd9551e7d031130f28cfacd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:22:03 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 13:22:03 GMT
server: nginx/1.16.1
age: 13755
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VLDwq9jtW6kArxmA-NtNsMzBSXVR0G_cZ-Rf-ynJmm5evRlVaOjRzg==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 6 KB
6 KB 121ms
54ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F24%2FDoctor-Who.jpg&w=80&h=80&c=sc&poi=%5B460%2C133%5D&q=85&rect=151%2C17%2C838%2C705
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 73aeb0d9d0781f56c11b3f29e45777cd99e914f607d6325c9d87923463a6fc12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:35:00 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 16:35:00 GMT
server: nginx/1.16.1
age: 2178
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: yvD0SGzM5oa0obH5YzT9VNa3FW22gClX3BbPyTfDPsUfDFI4r0FPvw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 10 KB
11 KB 94ms
27ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F22%2F2538_D024_00135R2.jpg&w=80&h=80&c=sc&poi=%5B1020%2C306%5D&q=85&rect=475%2C0%2C1542%2C1066
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 1dbcb85972f68f310f7373b670a1a930846ca6d359508f78800a2adb065c18a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 04:02:26 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 04:02:26 GMT
server: nginx/1.16.1
age: 47332
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4-ya3DYKIGazc_AKu6zbziktQGwaxDbb2APb2LS7YEkkXCqw1EdViQ==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 4 KB
5 KB 92ms
25ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F24%2FLilNasX_1.jpg&w=80&h=80&c=sc&poi=%5B1020%2C13%5D&q=85&rect=538%2C6%2C1535%2C1002
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: a15a07309db07c6187684a1be460639c6cb42e21ea07b6772ea266fd7e6c8a52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:35:00 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 16:35:00 GMT
server: nginx/1.16.1
age: 2178
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2IFqx4v1EcIT5brCFKN0unZ1S6DIOI6CffNQX1kGtO_4bTfSGYpiSw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 9 KB
10 KB 50ms
48ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F23%2FThe-Masked-Singer-24.jpg&w=80&h=80&q=85&c=tc&rect=50%2C0%2C981%2C931
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 1fa40a2902d5f7e60608e7fc90b0ff90e9a3a18e2ae98456f268c5e54d22e910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:35:00 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 16:35:00 GMT
server: nginx/1.16.1
age: 2178
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: scedkyapIXTdcHoDrR9BRYJ7V4tSk_8dK6gRB9u5ieDHInIIhO5BAw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 5 KB
6 KB 54ms
51ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F08%2Fwhattowatch-1.png&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: db33b8cbace74c3bc7e32ebb51dfcaf53eb87d4284c90d570cb699f311afe964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 20:15:41 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 20:15:41 GMT
server: nginx/1.16.1
age: 1371337
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: lf21SKjU4pZ35Lziq3Mr8Iv1mFMAG4ZdWXEVWruQQ3CtqKa0vzlJGQ==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 18 KB
18 KB 69ms
67ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F23%2FMMASS_101_Unit_07932RC.jpg&w=300&h=201&c=sc&poi=%5B960%2C66%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 5c85fb5ea0475ab4aeb7524ffabf2f2c5606da512437fdcc486cc6bfeae57275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:07:28 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 12:07:28 GMT
server: nginx/1.16.1
age: 18230
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: UVe-gc5s2s4LNr0PJTwtVfxaZouB9jb-KBb0cNp92cwlunLNPdypAA==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 16 KB
17 KB 51ms
49ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F08%2F30%2FHE_639328.jpg&w=300&h=201&q=85&c=tc
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: d5770348b9b89ef448d1207339c5cb05c9c8307c7f14178b46951dd0ff082c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 19:00:54 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 17 Sep 2021 19:00:54 GMT
server: nginx/1.16.1
age: 598224
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: YQW33gtEH7Qy535A0RvxHNuSeaXdQ7tUImAbZHzULhLtOBnj5sT5pg==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 13 KB
13 KB 72ms
70ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F22%2Fwtwtout.jpg&w=300&h=201&c=sc&poi=%5B640%2C39%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: db3a4df47bb291d250896991731e154207df7b61e0e6a268b647e4613a122d47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:21:43 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 16:21:43 GMT
server: nginx/1.16.1
age: 175775
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7dLG55QexNBsOq4q5jGG2kZ64rgfrI1kvbv_SeEmibf3DwcmvG7hmQ==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 7 KB
7 KB 76ms
74ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F08%2Fawardist-1.png&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 2eac73beb9d291744e6bfb8196c0a181ddc3827c564e363afeae8061de029263

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:58:47 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 15:58:46 GMT
server: nginx/1.16.1
age: 90751
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: p21pHHOrpuobZIpU9rIBY0GTq3l2C4jYqiDxTnvJBVZTJ0B4MNgOgA==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 21 KB
21 KB 52ms
50ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F06%2F03%2FAwards.jpg&w=300&h=201&q=85&c=tc
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 5370a3619aa15335221c6737642060886eabbef0ee09d5377118b2d8f0dbc696

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:26:23 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 15:26:23 GMT
server: nginx/1.16.1
age: 92695
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: oLeXpTVSJ1VhbnN4u6lPu5-jqFcBzstMz0uyBDk9xmMtXbK6He6cJg==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 19 KB
20 KB 71ms
69ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F20%2Femmy-wins.jpg&w=300&h=201&c=sc&poi=%5B765%2C380%5D&q=85&rect=0%2C0%2C1499%2C999
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3f908883a0e9c875085f7fc35000c261524708d77358d660aa500a404bb0beed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 04:17:17 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Mon, 20 Sep 2021 04:17:16 GMT
server: nginx/1.16.1
age: 392041
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Z1r3h_0F6uaB8M7UO3b2jlNhqt1ZSunfEo5UuOtCmGVaRMPFEgrpKQ==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 9 KB
9 KB 51ms
49ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F19%2FHeat-Index-1.jpg&w=300&h=201&c=sc&poi=%5B1420%2C426%5D&q=85&rect=0%2C0%2C2000%2C1333
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: b21cbeea85304790d5358e77e42b5c36283c426b4e078fe27d2dcc750f5fb31c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 01:51:57 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 01:51:56 GMT
server: nginx/1.16.1
age: 55161
x-image-msg: IMAGE NOT PROCESSED
x-edge-origin-shield-skipped: 0
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: y4alS0ykD6kJbzgMKtGQl3GJgwvai7J9DZ5ArvjBkZnVfKjGWskB5Q==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 2 KB
3 KB 69ms
67ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F08%2Fbinge-1.png&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: e0fc97c59a01aa3b86b2454ffc1fc3f56e12b54bb495489b1c38954d6c3d4f50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 20:15:41 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Wed, 08 Sep 2021 20:15:41 GMT
server: nginx/1.16.1
age: 1371337
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4b7twcwQ-iq47zGSYdsb1aH71lH_gjIIpfUwzg0EVEnU1dk1F0XLkQ==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 28 KB
29 KB 74ms
72ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F09%2F06%2Flucifer-601.jpg&w=300&h=201&c=sc&poi=%5B825%2C250%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 8e45d36732fd4adb6be03c4b4e7ba59ed3e65831f14f8c72f0bcb93f194a0cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 07:29:12 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 07:29:11 GMT
server: nginx/1.16.1
age: 1244526
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: JF8PfNTKYYwvy539VRYHPETIVbY3UWg1CAAxvlb7Sip_iFrL1eVMhA==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 15 KB
15 KB 93ms
92ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F01%2F15%2FDEXTER_701_0072.R.jpg&w=300&h=201&c=sc&poi=%5B1020%2C173%5D&q=85
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 8e32b4aadc76894582280108bfaef505a393940a8e42146b9ef9e39a4f76d21a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 16:31:28 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 16:31:28 GMT
server: nginx/1.16.1
age: 1211990
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Pcn8rNCHdAILTcDtHFuP2jcZQjT4UBhPUGo4H93WfrklTMYunVzWng==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 10 KB
10 KB 77ms
75ms Image
image/webp 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F6%2F2021%2F06%2F20%2FJeremy-Swift-Ted_Lasso-2000.jpg&w=300&h=201&q=85&c=tc&rect=313%2C0%2C2000%2C1125
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 81f545e3189cf33ac88622a2f37c20346522a2ba1af686759e7d5c89e13a5286

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 16:15:43 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 16:15:43 GMT
server: nginx/1.16.1
age: 1212935
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wMAXMUUFlB_ixHXDOlWLm1J_yeW8zinWnWnanzuCwVRR0nq5S7yw1g==

GET
H2 404 sitewide-alert Show response
ew.com/element-api/content-proxy/ 38 B
547 B 131ms
131ms XHR
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/element-api/content-proxy/sitewide-alert
Requested by: Host: ew.com
URL: https://ew.com/dist/3-b8c90346.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: nginx / Element
Resource Hash: b880bdfc7942ffe0e1546034cae16173a713d476c2fcb79cba3ca24c107da3fa

Request headers

:path: /element-api/content-proxy/sitewide-alert
pragma: no-cache
cookie: _cb_ls=1; muuid_origin=ew.com; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; request_id=4d9f8360-500d-4b5a-acb1-f225f0c0323e; previous_ts=; visit_ts=1632503477935; pageview_count=1; globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638; last_request_id=; visit_ts=1632503477935; previous_ts=; pageview_count=1; muuid_origin=ew.com; muuid_source=SERVER
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: ew.com
referer: https://ew.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
etag: W/"26-ELlU8zCQImGVufNufBwxhxLCesI"
server: nginx
x-edge-origin-shield-skipped: 0 0
x-powered-by: Element
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/json; charset=utf-8
cache-control: max-age=30
x-amz-cf-pop: FRA2-C2
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
content-length: 38
x-amz-cf-id: O_l1-BKK7C84g7wgxHHtEzB5cccTtGWsz0K8ZiAm2o25xL3yc4goSg==

OPTIONS
H/1.1 200
OK tokenize
meredith.dap.akadns.net/data-activation/x1/domain/ew.com/identity/ Frame 0
0 140ms
7ms Preflight
text/html 2a02:26f0:6c00::210:ba33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://meredith.dap.akadns.net/data-activation/x1/domain/ew.com/identity/tokenize?gdpr=0&gdpr_consent=&us_privacy=null
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00::210:ba33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 0
Date: Fri, 24 Sep 2021 17:11:18 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-DAP-Token,X-Cache,Akamai-DAP-100,Akamai-DAP-DDID
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,Authorization,X-API-KEY,Content-Type,Pragma,Akamai-DAP-DDID
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 75ms
9ms Script
application/javascript 13.224.186.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding: gzip
etag: 3900a2c2d757386fb762bfd86288f882
age: 670
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0SRCGEBN5MYE0P98ZS5Z
date: Fri, 24 Sep 2021 17:00:08 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YHNtqv72Dxbg4euxLnYQhfnWfRzx4K1Eo2BTl130i52UqkM8mm4hXg==

POST
H/1.1 201
Created tokenize Show response
meredith.dap.akadns.net/data-activation/x1/domain/ew.com/identity/ 0
1 KB 407ms
407ms XHR
application/xml 2a02:26f0:6c00::210:ba33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://meredith.dap.akadns.net/data-activation/x1/domain/ew.com/identity/tokenize?gdpr=0&gdpr_consent=&us_privacy=null

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000
Akamai-DAP-100: 3941
Akamai-DAP-Token: eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoibWVyZWRpdGhfMSJ9..2dK05E6a3anivbrW946_ug.yYA_sop4TGgldFBPrueOE6G5h7ruJBda8bWAuTx9rbcQ3CowAApkIHGau4W6Pm5q7HLZYIg9-FBB4bRxMrrIRCsQw8B9YjmVda6dqqbb2TPkQ9ahfw9Uc3rIlAO2kJ4j9XL0neop_87XEKFiOARzLhk6ugMsP2xNaq_e9Qduy5DYbg_K3OHDCzBPgpjc3AyGT4-xemdKVOydnQA5NLoJlPlbaYMm2gyPh7l9pHAoXa0JX69qLoA7KmQrrahd0MYGVsXrI1IVZT1tIZirNJBq0abPXtzihb_oRT9vmmrZMn9k9mEhM4ErhY3f95ZQQU1ZwicF45Y4Zv-IfLhA0H9uoFPEuqgIk9uqx61Gf9sO-To.oFWTwdfXVe9cYEI9ZVQIb3drMQO9XZAB4qbKSu59FK0
Connection: close
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 24 Sep 2021 17:11:18 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-DAP-Token,X-Cache,Akamai-DAP-100,Akamai-DAP-DDID
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,Authorization,X-API-KEY,Content-Type,Pragma,Akamai-DAP-DDID
Expires: Fri, 24 Sep 2021 17:11:18 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
365 B 221ms
162ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=443081&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219ef3c558fc7b7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Few.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%225.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22226c54fdf93993%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22443081%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22443159%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22443143%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225edf3c324a3eae%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22443082%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22443160%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22443144%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228a0c2a9906cbb4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22443089%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22443151%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A%22443167%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%221151b7b7b64b54a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22443140%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22129a7fb7ce42712%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22443141%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22135df76f2c7e152%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22443142%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%7D
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 311eda6793f09ee9ec578fb0fa8570edc953c2d461c0f381d0c37581346f4ffd

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.77], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ew.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Fri, 24 Sep 2021 17:11:18 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 2 B
261 B 269ms
149ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ew.com
Date: Fri, 24 Sep 2021 17:11:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

GET
H2 200 arj Show response
meredith-d.openx.net/w/1.0/ 172 B
552 B 62ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meredith-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Few.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1a29dbd5-42ec-425c-9614-0198bdb07a30%2C5231e780-df2e-4466-aa8d-6e80a5cded62%2Cfcdfee93-0ac4-4594-abd3-a920d0825cb4%2C0dc05ee4-434d-4bbb-8bb0-3796ac0e20fc%2C9cfbc3d7-c66b-4f33-9b31-588616db452c%2Ce9d02a4a-02f9-4cde-b3b3-ecaeba13fd50&nocache=1632503478298&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%2C300x1050%7C300x250%7C300x250%7C300x250&divids=div-gpt-leaderboard-flex-1%2Cdiv-gpt-leaderboard-flex-2%2Cdiv-gpt-square-flex-2%2Cdiv-gpt-square-fixed-3%2Cdiv-gpt-square-fixed-5%2Cdiv-gpt-square-fixed-7&aucs=%2C%2C%2C%2C%2C&auid=543968145%2C543968155%2C543968149%2C543968157%2C543968164%2C543968166
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.3 /
Resource Hash: e8f365e18796cb1211420c68c9af1d81c5c76d029b2b26247bdd53bb35bed29c

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
server: OXGW/16.216.3
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ew.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
722 B 37ms
6ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:18 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fa0ce864-6e82-4f9c-b11b-de723330fc7b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ew.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
109 B 136ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ew.com
date: Fri, 24 Sep 2021 17:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 834 B
6 KB 268ms
208ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12738&site_id=364872&zone_id=1980152%3B1980156%3B1980166%3B1980160%3B1980162%3B1980164&size_id=2%3B2%3B15%3B15%3B15%3B15&alt_size_ids=55%2C57%3B55%2C57%3B10%2C54%3B%3B%3B&rf=https%3A%2F%2Few.com%2F&tk_flint=pbjs_lite_v5.12.0&x_source.tid=1a29dbd5-42ec-425c-9614-0198bdb07a30%3B5231e780-df2e-4466-aa8d-6e80a5cded62%3Bfcdfee93-0ac4-4594-abd3-a920d0825cb4%3B0dc05ee4-434d-4bbb-8bb0-3796ac0e20fc%3B9cfbc3d7-c66b-4f33-9b31-588616db452c%3Be9d02a4a-02f9-4cde-b3b3-ecaeba13fd50&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=6&rand=0.29693727494547395
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f151594f7c5a7ef00f33831cc44b36ab10cd5e5a260bdd55ab347dcea7dcdb5d

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:18 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ew.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 834
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 130.bundle.9457873b007a93e16765.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 52ms
52ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/130.bundle.9457873b007a93e16765.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65c3aa422e9ec9336030a058005f4707d1e55da33d783939b85a11ee0ed31e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 01:01:32 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 6106187
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 23:35:07 GMT
server: AmazonS3
etag: W/"614e4d99d57177c5801990544fbaa38d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: ZcRsRKTQu85zfVS0QyBmz2PIdz7Ft2jP
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: Gwe3VXl93Ral_1u_nFi4v6A8dnFNUk717SXPPrmnD7TJYN9w1Ke6Ew==

GET
H2 200 ajs-destination.bundle.5c4dc5a893f01d22d9bb.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 54ms
54ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.5c4dc5a893f01d22d9bb.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01f42218fd8653a91a8b43c6684e9bbfad81618ed359e5b5154b181f85120865

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 18:39:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 5005922
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 18:38:18 GMT
server: AmazonS3
etag: W/"0a20d76fd1575156dd469cfd0cb00105"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: I_0vE2YjpvkkCUx2ynE.qqOV6La2W8Jb
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 7sX8lXYn11HTQRFHCgwMqaM2E3zSjp8AJmAanX8fIMJSqsRaW2bMnw==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.18.0/ 377 KB
84 KB 16ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cIchS4lr7UaDx9LQCq2apA==
age: 5482780
vary: Accept-Encoding
content-length: 85787
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:55 GMT
server: cloudflare
etag: 0x8D91E52BCFB1A90
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5fe232a2-f01e-00ad-0289-7ff88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 693da1939cfd5b9e-FRA
expires: Sat, 02 Oct 2021 17:11:18 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
160 B 361ms
134ms XHR
application/json 52.207.5.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=ew.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.5.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-5-56.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://ew.com
date: Fri, 24 Sep 2021 17:11:18 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
vary: Origin
content-type: application/json

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
404 B 44ms
43ms XHR
text/javascript 13.224.186.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3446&u=https%3A%2F%2Few.com%2F&pid=reM7jb9svfbdA&cb=0&ws=1600x1200&v=7.69.01&t=1250&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22leaderboard-flex-tier1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22leaderboard-flex-tier2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22square-flex-tier1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22square-fixed-tier2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22square-fixed-tier3%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22square-fixed-tier4%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221--%22%2C%22si_pagegroup%22%3A%22homepage%22%7D&schain=1.0%2C1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: ItB9m_2cZwxWEPPAGxEg-b1vsghu4s7k5kkRghDvj1NZ5un2VUwFTA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.224.186.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 76120
x-edge-origin-shield-skipped: 0
access-control-max-age: 3000
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 07 Sep 2021 22:15:56 GMT
server: AmazonS3
date: Thu, 23 Sep 2021 20:03:33 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: l8uVwI7KHALORXpV_eWxxAzJnwLQl99jQ0e8DG9KOtyg7drheSJzGQ==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/77f7508a-4666-4a03-a50d-16d147c146d3/ 260 KB
42 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/77f7508a-4666-4a03-a50d-16d147c146d3/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb92a925cb9f89157d46b55a677964228c0bfeca476a65d5c2150203d8360ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6bEHe97YrTXbXA3X3JGisw==
age: 4141215
vary: Accept-Encoding
content-length: 43229
x-ms-lease-status: unlocked
last-modified: Wed, 16 Jun 2021 17:32:55 GMT
server: cloudflare
etag: 0x8D930ECC69D0247
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 24f2307d-b01e-0083-29bd-8b784b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 693da1942ca35be1-FRA

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 52ms
52ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 421b1800e7b45151cbc1c0ddedb6fd783c0330cd295d3386cb2fdff8707c1573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:12:58 GMT
content-encoding: gzip
age: 622700
x-cache: Hit from cloudfront
content-length: 4747
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 21:35:46 GMT
server: AmazonS3
etag: "af268d6bb7fc679bcc741cd09538b42d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 1fIN3gjPrH47JItgWOgYg5n8XwUD51I1
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: D5MCRJDVd4YNX1NCmPVUYk1RsFLrMMFnGiPHMtadJa7fi17v5_QsXw==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 52ms
52ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b13a1a4e8af2d311b90f19a03c492a5bb951f43d82e5ba22b07e0ffa7db6d937

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:12:58 GMT
content-encoding: gzip
age: 622700
x-cache: Hit from cloudfront
content-length: 1346
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 21:35:46 GMT
server: AmazonS3
etag: "639f3175da01a07819bb89783e598341"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: RIkj5sa1RVLk.tW.Hc0b8itIHd8TXvVm
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dyx81rSJaMJsCn1izwSbIk2FhdFi8_mj_ANONHk7RzDxyBv1JTdivQ==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 12 KB
3 KB 14ms
14ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MrQfM8mTXwqoZ1+V6sXNuw==
age: 2734020
vary: Accept-Encoding
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:48 GMT
server: cloudflare
etag: 0x8D91E52B88C8775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 78a97a5e-301e-00f4-1289-98fd0a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 693da1947d355be1-FRA
expires: Sat, 02 Oct 2021 17:11:18 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 58 KB
14 KB 22ms
22ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130de48e0c060d4b6238ea51906a09de1ae3d64e32420e935ebe1d5761784e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1n6ZrjSMdOAnYmIOmzRiUA==
age: 8634023
vary: Accept-Encoding
content-length: 14362
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:49 GMT
server: cloudflare
etag: 0x8D91E52B90D8FFA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 37335bdb-401e-00fb-2ae0-6210fc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 693da1947d375be1-FRA
expires: Sat, 02 Oct 2021 17:11:18 GMT

GET
H2 200 commons.3495c86769f191d6894f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 57ms
57ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:50:32 GMT
content-encoding: gzip
age: 1329646
x-cache: Hit from cloudfront
content-length: 22175
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 21:35:44 GMT
server: AmazonS3
etag: "97bdd3686696ee0e0f60bfaaa6b5693b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: ycGBqmRQJe7ubt596zlSYLfgMdBxARsQ
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: b_f3OzZzLdlTGvDGNM_O-612nHUCIGt6m5SB5pJuYkQwd2YS0r8Oaw==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gpc.min.js Show response
ddrvjrfwnij7n.cloudfront.net/js/gpc/ 5 KB
5 KB 46ms
7ms Script
application/javascript 13.224.193.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-48.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f1391962e3b7183eabc9304bfe5902629aeb9d5aeac5409ebf1ee07ee1ca147

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 00:03:35 GMT
Via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Last-Modified: Wed, 30 Jun 2021 13:39:13 GMT
Server: AmazonS3
Age: 61664
ETag: "667947e83fefce0d2042d0b45891c3d4"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/javascript
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 5107
X-Amz-Cf-Id: 6NEaGmbf9QkC0C1Wc8kO1OrMjJr_yy76AHP6NX7hB1hEsLruffB6AQ==

GET
H2 200 v1.jsonp Show response
api.sele.co/ub/ 866 B
1 KB 331ms
108ms Script
application/javascript 52.21.208.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sele.co/ub/v1.jsonp?ka_channel=homepage&ka_ctype=homepage&ka_id=10726168&ka_type=homepage&ka_abTest=mdextest&ka_pv=1&ka_otabc=0&ka_npa=1&ka_otgeo=1&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_mrid=4d9f8360-500d-4b5a-acb1-f225f0c0323e&ka_dockedleaderboard=false&ka_dockedrail=true&debugLevel=5&sm_os=Windows&sm_plt=mouse&sm_brw=Chrome&sm_pr=1&sm_w=1600&sm_h=1200&sm_o=l&sm_pb=bPxqAvRO&=undefined&ka_otgrp[]=4:0&ka_concepts[]=&ka_taxons[]=&utid=1632503478589&loc=https%3A%2F%2Few.com%2F&ref=&sm_cb=smpubApibPxqAvRO38216736

Requested by

Host: cdn.selectablemedia.com
URL: https://cdn.selectablemedia.com/tg/p/bPxqAvRO/js/sm_uber.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.208.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-208-222.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

6e8820e15980e12632ea85b37945c743d3507568e6acfbccea970865f093b0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
content-length: 866

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 221ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 40ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 241 KB
65 KB 434ms
434ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=861039501937778&correlator=4490934792726444&output=ldjh&impl=fifs&eid=31062393%2C31062863%2C31062922%2C31062920&vrg=2021092301&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210924&iu_parts=3865%2Cenw.mdp.com%2Ctier1%2Chomepage%2Ctier2%2Ctier3%2Ctier4&enc_prev_ius=0%2F1%2F2%2F3%2F3%2C0%2F1%2F4%2F3%2F3%2C0%2F1%2F2%2F3%2F3%2C0%2F1%2F4%2F3%2F3%2C0%2F1%2F5%2F3%2F3%2C0%2F1%2F6%2F3%2F3%2C0%2F1%2F2%2F3%2F3%2C0%2F1%2F2%2F3%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C299x251%7C300x600%7C300x1050%2C300x250%7C299x251%2C300x250%7C299x251%2C300x250%7C299x251%2C1x1%2C1x1&ists=3&ppid=72ce70e7-d2ae-41ad-af78-90c01c692638&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cslot%3Dleaderboard-flex-2%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cslot%3Dsquare-flex-2%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cslot%3Dsquare-fixed-3%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cslot%3Dsquare-fixed-5%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cslot%3Dsquare-fixed-7%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&eri=1&cust_params=path%3D%26channel%3Dhomepage%26ctype%3Dhomepage%26tags%3D%26id%3D10726168%26type%3Dhomepage%26abTest%3Dmdextest%26pv%3D1%26otabc%3D0%26npa%3D1%26otgrp%3D4%253A0%26otgeo%3D1%26muid%3D72ce70e7-d2ae-41ad-af78-90c01c692638%26mrid%3D4d9f8360-500d-4b5a-acb1-f225f0c0323e%26concepts%3D%26taxons%3D%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1632503478&dt=1632503478615&dlt=1632503477507&idt=652&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1098%2C1098%2C1098%2C1098%2C0%2C0&adys=16%2C2150%2C5060%2C7064%2C8936%2C10934%2C27107%2C27107&adks=1689210791%2C1701373187%2C3910220362%2C4254110791%2C3398758575%2C416255778%2C1390225011%2C1199576969&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Few.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x106%7C1600x0%7C300x25%7C300x25%7C300x25%7C300x25%7C1600x27106%7C1600x27106&msz=1600x90%7C1600x0%7C300x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C1600x0&ga_vid=1705917284.1632503479&ga_sid=1632503479&ga_hid=678032856&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fd125b52def4e681a8f750e23682733888df2663401258829a6a8140ef48a3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66063
x-xss-protection: 0
google-lineitem-id: -2,-2,-1,-1,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-1,-1,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34B3 6 KB
4 KB 200ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 24 Sep 2021 17:11:18 GMT
expires: Sat, 24 Sep 2022 17:11:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 142ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1158
date: Fri, 24 Sep 2021 16:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 24 Sep 2021 18:52:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 435 KB
110 KB 162ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRQQSDX&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c230d91accfeb496fc982360fdc224f5206c81d5d7414656cf05abbd4d7e9748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111690
x-xss-protection: 0
expires: Fri, 24 Sep 2021 17:11:18 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
135 B 499ms
158ms XHR
application/json 50.112.221.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.221.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-221-239.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ew.com
date: Fri, 24 Sep 2021 17:11:19 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
134 B 498ms
169ms XHR
application/json 50.112.221.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.221.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-221-239.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ew.com
date: Fri, 24 Sep 2021 17:11:19 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
420 B 95ms
12ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=445821&u=https%3A%2F%2Few.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:18 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.77], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://ew.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 24 Sep 2021 17:11:18 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
546 B 88ms
17ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd6a3046caafc72dab8e4bd8ad1e3c0a828e1d8eceb60213794bd33ef8b013cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Sep 2021 17:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ew.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.se/v1/ 3 B
475 B 66ms
16ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.se/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Sep 2021 17:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ew.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 sm_sp.js Show response
cdn.selectablemedia.com/ro/c/js/ 92 KB
30 KB 64ms
64ms Script
application/x-javascript 13.224.193.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.selectablemedia.com/ro/c/js/sm_sp.js
Requested by: Host: cdn.selectablemedia.com
URL: https://cdn.selectablemedia.com/tg/p/bPxqAvRO/js/sm_uber.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-50.fra2.r.cloudfront.net
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d39f910d2eb61c84c28d28e7a43bf4e99e74ade608af519a982e648b02180aa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:10:11 GMT
content-encoding: gzip
age: 72
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 19:14:56 GMT
server: nginx/1.4.6 (Ubuntu)
etag: "61005b30-170c0"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dYbUXRc-EKF07D57-s47sJS0zMOD1aTLDQvS5yeqTkWVDDF9cFWLqA==
expires: Fri, 24 Sep 2021 17:15:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
202 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=678032856&t=pageview&_s=1&dl=https%3A%2F%2Few.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAQCAC~&jid=1682859271&gjid=161041360&cid=1705917284.1632503479&tid=UA-97981691-4&_gid=190574870.1632503479&_r=1&_slc=1&cd5=2021%2F09%2F24&cd6=2019%2F12%2F18&cd7=own&cd8=homepage&cd9=front%20end&cd10=ew.com&cd25=10726168&cd36=homepage&cd44=1&cd72=ew_homepage&cd74=homepage&cd75=false&cd80=test&cd90=4d9f8360-500d-4b5a-acb1-f225f0c0323e&cd92=1632503477935&cd93=cms%2Fonecms_posts_ew_10726168&cd99=10726168&cd100=homepage&cd67=72ce70e7-d2ae-41ad-af78-90c01c692638&z=1317509835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init-182h1kagypftheeqt3p.js Show response
aamapi.com/api/ 1 B
180 B 489ms
156ms Script
text/javascript 2600:1f14:600:6e00:77cb:3957:e000:1f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aamapi.com/api/init-182h1kagypftheeqt3p.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:600:6e00:77cb:3957:e000:1f7f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
server: openresty
content-encoding: gzip
expires: -1

GET
H2 200 v5.jsonp Show response
api-ntv.sele.co/sp/ 3 KB
3 KB 576ms
274ms Script
application/javascript 3.211.187.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-ntv.sele.co/sp/v5.jsonp?ka_abTest=mdextest&ka_channel=homepage&ka_concepts[]=&ka_ctype=homepage&ka_dockedleaderboard=false&ka_dockedrail=true&ka_id=10726168&ka_mrid=4d9f8360-500d-4b5a-acb1-f225f0c0323e&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_npa=1&ka_otabc=0&ka_otgeo=1&ka_otgrp[]=4:0&ka_pv=1&ka_taxons[]=&ka_type=homepage&iid=582918025&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&utid=1632503478589&pls=1950,1126,1128,1713,1488,1389&cb=onSmSponsoredData&sm_os=Windows&sm_plt=mouse&sm_brw=Chrome&sm_pr=1&sm_flsh=0&

Requested by

Host: cdn.selectablemedia.com
URL: https://cdn.selectablemedia.com/ro/c/js/sm_sp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.211.187.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-187-86.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2b75be6a15a51e71c0cacf42602c86296495b681b745529085646698ec122b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:19 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
content-length: 3085

GET
H2 200 container.html Show response
9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 70CB 6 KB
3 KB 312ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 24 Sep 2021 17:11:18 GMT
expires: Sat, 24 Sep 2022 17:11:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 15B3 6 KB
3 KB 312ms
9ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 24 Sep 2021 17:11:18 GMT
expires: Sat, 24 Sep 2022 17:11:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42AA 6 KB
3 KB 311ms
9ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 24 Sep 2021 17:11:18 GMT
expires: Sat, 24 Sep 2022 17:11:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D64 6 KB
3 KB 311ms
10ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 24 Sep 2021 17:11:18 GMT
expires: Sat, 24 Sep 2022 17:11:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 253ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 17:11:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
456 B 44ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-97981691-4&cid=1705917284.1632503479&jid=1682859271&gjid=161041360&_gid=190574870.1632503479&_u=aAhAAEAAAAQCAC~&z=318671614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Sep 2021 17:11:19 GMT
content-type: text/plain
access-control-allow-origin: https://ew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 53ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-97981691-4&cid=1705917284.1632503479&jid=1682859271&_u=aAhAAEAAAAQCAC~&z=1871495145

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
522 B 54ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-97981691-4&cid=1705917284.1632503479&jid=1682859271&_u=aAhAAEAAAAQCAC~&z=1871495145

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp
trk-sp.sele.co/ 43 B
219 B 385ms
105ms Image
image/gif 52.86.130.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-sp.sele.co/sp?type=adsAvailableResponse&status=true&stid=290&pid=1126&pt=t&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&sfc=1a1000&pfc=1a1000&aid=4&cid=568&fid=7217&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&srid=null&uk=0-0-0-0&iid=582918025&utid=1632503478589&ka_channel=homepage&ka_id=10726168&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_pv=1&ka_type=homepage&aid=4&cid=568&fid=7217&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&ts=1632503479804

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.130.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-130-105.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
content-length: 43

GET
H2 200 sp
trk-sp.sele.co/ 43 B
218 B 457ms
178ms Image
image/gif 52.86.130.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-sp.sele.co/sp?type=adsAvailableResponse&status=true&stid=290&pid=1128&pt=t&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&sfc=1a1000&pfc=1a1000&aid=4&cid=568&fid=7647&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&srid=null&uk=0-0-0-0&iid=582918025&utid=1632503478589&ka_channel=homepage&ka_id=10726168&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_pv=1&ka_type=homepage&aid=4&cid=568&fid=7647&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&ts=1632503479807

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.130.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-130-105.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
content-length: 43

GET
H2 200 sp
trk-sp.sele.co/ 43 B
218 B 384ms
105ms Image
image/gif 52.86.130.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-sp.sele.co/sp?type=adsAvailableResponse&status=true&stid=290&pid=1713&pt=t&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&sfc=1a1000&pfc=1a1000&aid=4&cid=568&fid=8279&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&srid=null&uk=0-0-0-0&iid=582918025&utid=1632503478589&ka_channel=homepage&ka_id=10726168&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_pv=1&ka_type=homepage&aid=4&cid=568&fid=8279&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&ts=1632503479808

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.130.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-130-105.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
content-length: 43

GET
H2 200 sp
trk-sp.sele.co/ 43 B
218 B 384ms
106ms Image
image/gif 52.86.130.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-sp.sele.co/sp?type=adsAvailableResponse&status=true&stid=290&pid=1488&pt=t&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&sfc=1a1000&pfc=1a1000&aid=4&cid=568&fid=8278&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&srid=null&uk=0-0-0-0&iid=582918025&utid=1632503478589&ka_channel=homepage&ka_id=10726168&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_pv=1&ka_type=homepage&aid=4&cid=568&fid=8278&tz=42&cfc=1a1000&ffc=0a1000&crid=11459&ts=1632503479809

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.130.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-130-105.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
content-length: 43

GET
H2 200 sp
trk-sp.sele.co/ 43 B
218 B 456ms
177ms Image
image/gif 52.86.130.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-sp.sele.co/sp?type=adsAvailableResponse&status=false&pid=1950&pt=t&iid=582918025&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&utid=1632503478589&ka_channel=homepage&ka_id=10726168&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_pv=1&ka_type=homepage&ts=1632503479814

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.130.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-130-105.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
content-length: 43

GET
H2 200 sp
trk-sp.sele.co/ 43 B
218 B 385ms
107ms Image
image/gif 52.86.130.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-sp.sele.co/sp?type=adsAvailableResponse&status=false&pid=1389&pt=t&iid=582918025&fp=72ce70e7-d2ae-41ad-af78-90c01c692638&utid=1632503478589&ka_channel=homepage&ka_id=10726168&ka_muid=72ce70e7-d2ae-41ad-af78-90c01c692638&ka_pv=1&ka_type=homepage&ts=1632503479814

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.130.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-130-105.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
status: 200 OK
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
content-length: 43

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 70CB 1 KB
958 B 126ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 16:59:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 70CB 0
0 84ms
81ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA4u4tgZOYYGKKoOorAS0qo3QDd7gyf9krqWO2M0O29keEAEgqP3AEmCV0omCmAegAcevnN0DyAEGqQIr-_w4eKOzPuACAKgDAcgDmwSqBL0BT9DePYW9esmYqdqOLvBiK5IMmV1lneQoyaRW_-YT8-wzaXgczf8sRqfYlsf6YUFfMtT31lBQLhFgjiiZTgsqvnzNhaoWs4BiE4vwcgunzfs-qygbwJlyOV9I7FcSesD7eVKo7FKdO0KGaLneOah81zk6Kd2Xiut1rDjv0fvA9hdVBKmtj0W0Ahc-kY1iophk2chCchokD3M5A5azB3jxPS2svLPw2YAZNrEDEvH4MD0tZwQqLlhOVNbOoOD0wATYmdmHwwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHodDjIqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ5LEM0ggJCIjhgHAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTA5NzgwNjQ1MzIxNDIyMTUY2o4R&sigh=FTuqE7t6VBM&template_id=492
Requested by: Host: ew.com
URL: https://ew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 70CB 18 KB
8 KB 112ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:10:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 70CB 3 KB
1 KB 125ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70CB 128 KB
39 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 70CB 14 KB
6 KB 114ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:02:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 70CB 0
0 27ms
25ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmJ6rj3v1UMSdwnNaKdBleY9PTAbX6MtoUECjOaAh_vnhfeiW7y3Z6-E0lhJSAZ3ZCT3m8
Requested by: Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame 70CB 27 KB
11 KB 112ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:24:12 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EDA4 0
263 B 124ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXftcgCEPLV5MwCGOj8trUBMAE&v=APEucNXvCfyJopx5H9g8QcTwoqizZYWmxR-BlZT3sJOFrTtmnEQmmwIemN3ZM1hKAN-WKyE50ye-q6ypp0bvIcjdd5HmHXU-SQ

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLXftcgCEPLV5MwCGOj8trUBMAE&v=APEucNXvCfyJopx5H9g8QcTwoqizZYWmxR-BlZT3sJOFrTtmnEQmmwIemN3ZM1hKAN-WKyE50ye-q6ypp0bvIcjdd5HmHXU-SQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Sep 2021 17:11:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUneY7CA2t4vPijrIKGwEMR8eDkiOlCU9R-pnbcJqw8Vbk4hoDNeLjOn3rjA; expires=Wed, 19-Oct-2022 17:11:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 17:11:20 GMT
cache-control: private

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 15B3 18 KB
8 KB 109ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 16:29:37 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 15B3 6 KB
3 KB 117ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 15:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2646
x-xss-protection: 0
server: cafe
etag: 7823829336074104133
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 15:42:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15B3 0
592 B 133ms
33ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ5jbYvVGpWEsjKCPGlxVKC7RLS6UOu1Axn_PYSOzWt0DuI3cfUjKEUp8rnbdqDzV38EMHpTs1bx_Vty8IQzIk_0nLQ3XW4jpwqAftANoyv6gymw4vvqjOpvbe3M5ZFkgXqqYtnoUwKWIrHP5a_ZFJeh4Vt91eveKf7QmqLON4JNBn2aeFZB2zluSsyKOLGiNh7G9v9Jz6cXVF4FJFqFjJmJfsQedEg5gHLT6rp1wkqnyHeH_7Cu3rdN6LmixE9jPANSNyfz6yk5dHENPYz5IBx2QGcusyuPIzDNih5mKLjWBODKxy51zESDdx7BZS8B6YRLpss3cMBC5GPYs7Eu_wipIe0ZbKErJ55E-guzIvpYyeQ5FtndY2Qi9mUYSpTIc99I60mwCJ_urHKRURAhTscjgnyWEr6X7_VfKhRGsvO5ciGl44q6Lta4i_4rqB4ulVRrcBfSOmuINBkN8wx1ZEodkYAu91KN4lJo0OeOvLxgDcwglwKpH85jYqkkM0y9NKzhrGSTrgKyJFSEj_qhbIUxIr_fv6Z9RD1nPtLrR4OTR3b5C3OCW_QJu4TLVg5-jNkVUMF8O2r2LtYl1COiHLOxFHhTIscgBD4U4casJEnJ2eFP16w-KC8iuUh1wg6uCy1s1uyT8au9SILWt5-ZbjGivSFS7JukCoVcvrpvwoeRjA9CRkP2nh-TTA2hj6aj7EDkDp_bBTo0Q-SklsMyk1Ogv-nRERoEikcA5MFyDxQVlqA-0-pae0iEaaCx7c9l0irj-qtr5gcs26jm1y2WV-rUQTRhlWwq1nRU5SNLFhvbWKOE32dyXZrSdoaa_9t6se6yvZYEoJGrX1lT15FedVQszpKxieZVutrwTDzImUVI_zEzmzHquhisXFO8390-W_NIRgP_M4uE6gjVe94a4a8YzP9E-gvJx6z-dthCRtUxeMiSqjv9JckjCZmoSNgChu-02B_DphNTkKqA2WVU4SeHZ-Vc1lu32hquDU7NBB92K80j4sFBdgBIA7nThwnUj4yZlfK2Xpl66eLwNc7iedP4byejGsOVWKNfygfaD8KHHXkSocyIjvdOGqBWvxhve53h-c&sai=AMfl-YTvzwcUzVnqhvd54O7ozY4_q53UwuUjp2gV65eqdvnMVw-HCikt0HzBEUcvyt-MXrBWHwIt2mKUHK2v-QmCSYD6EYsjAXro_yPYVNN9DaYrSKNs_b4khrNGzruQlHNcfAmHv05FFSUO4tE27_dzf_zle4NoH6-crWavTfY3TTBIGfnSaQo5GEUt0HIN1S0q-1sRpC51ysZ3TQC_QXQpQeIEa_wzQPogign8AHyNrwZvF7OOLYktfZq8UZwr_eJzxgbqwSg0HgzvYp2LFfdvozdXinNaYJ2nfH3iKno3zpS0_0Br1LbZgSRCthjFmGKowolcrhLT9gtScs6JGTPY8yJb5M4LkzGRG6zx9WtNElTmCeeBewaQqfHxu8wYgSdofRSltx-6m8P5zr7AHG4wt6yuMYz6vhUInJTM4Pr1_HAi3gddqGycLyn1vMOR4ohOqwrQf0PircJAGitL2ifMThKI6zVWSxO1&sig=Cg0ArKJSzPl-eQ4R3yk_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210922.11094&adurl=

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 24 Sep 2021 17:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 15B3 41 KB
15 KB 121ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 11:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 24 Sep 2022 11:21:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15B3 42 B
173 B 129ms
31ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZVnaytmFBNxPLgZhBW53n8vCYllJmLFGOh1YiL305fSPnQOdcygaw-9OZRIr7PvpgE_HgRlrGiZaAY2mN1OrBle_42rYzjumkNkN5OwBhzASSs54

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 15B3 3 KB
1 KB 120ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15B3 128 KB
39 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 15B3 14 KB
6 KB 110ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:02:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 15B3 0
0 20ms
19ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyDsfdJyIO6_H8bQltd2qd6Q3GvqLL6FI3niENned6yPEcM-tbXvoriSDHclnLMC7G6K1V
Requested by: Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 13551181697542315914
s0.2mdn.net/simgad/ Frame 15B3 44 KB
44 KB 164ms
21ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13551181697542315914

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2d16cde3a81b1597a289e3d45cde0b992a76c358c32e0d4ec8a24f8d3a8cd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:00:45 GMT
x-content-type-options: nosniff
age: 94235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44934
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 09:31:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Sep 2022 15:00:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 498F 0
263 B 112ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXftcgCEPLV5MwCGOj8trUBMAE&v=APEucNUqdnQc1zFxDbi5eP63CgKW-IGcOFU-_ZqQyZIfB4TQW-qsDVi1IFa9QmofkBggAsG_6EQ5fIIzwWyaoyZH1MKU-YTi5g

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLXftcgCEPLV5MwCGOj8trUBMAE&v=APEucNUqdnQc1zFxDbi5eP63CgKW-IGcOFU-_ZqQyZIfB4TQW-qsDVi1IFa9QmofkBggAsG_6EQ5fIIzwWyaoyZH1MKU-YTi5g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Sep 2021 17:11:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkGdnXkA9_cpcYf7S2H0wXTKGFMhXOdLREZoGn1PRFoT18lt2h0aLtplR_u; expires=Wed, 19-Oct-2022 17:11:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 17:11:20 GMT
cache-control: private

GET
H2 200 13551181697542315914
s0.2mdn.net/simgad/ Frame 42AA 44 KB
44 KB 180ms
45ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13551181697542315914

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2d16cde3a81b1597a289e3d45cde0b992a76c358c32e0d4ec8a24f8d3a8cd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:00:45 GMT
x-content-type-options: nosniff
age: 94235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44934
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 09:31:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Sep 2022 15:00:45 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 42AA 18 KB
8 KB 98ms
11ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 16:29:37 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 42AA 6 KB
3 KB 103ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 15:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2646
x-xss-protection: 0
server: cafe
etag: 7823829336074104133
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 15:42:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 42AA 0
52 B 112ms
34ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR8A-Aa3tqJxZA2pxVuFn2jZgJXSluHkF1tOWHVTtLzze2jh62q0pPBxCI3TCptUU612HylQ6AA64rgpa_sQ4TN8CCg33L_KU4wfA1GS2h2ZfJjEQyYVjWq852qwsa0vfz46CJfUeua9Yhn6HwTaQTnGvheXYG7D_LjnMqmESyphrEnlwVsTht8bpO9D4bfAnZoXJtaqfDFoiBQMTEL4-VEPnhGWKD5p28JXFnn0giQdySf8YfU8F1ZzXhwCGbjW4f78AV0EdWkj_pZlCz3FCitPS86Jv6eiXJTNQdnBEYIqESF8Hg3l7zAb8xK8v9cByTm17ihdxHWwIFgdLL5jCpfuW32wa1YC7bR0EFI9rRF8WetgLLUvF3kYJx8Ar9JJiAZ_eBFHiz7-2_erYZWqQ25nBB_3yXGJMNXuiKkPmGH0BWe4YKcclRCIz_qxZbwhn9rAv4HD3NK10cbwxz9mGxHn8ihIyA_U9-yBc4L706Yxwo9UxjRZnLWI3xaEoqJ5d0nFZqhoXPBU_vEBV8YZ0hM0zR9EuvCddLUn2aoW49O2GzBPG8xcRWatNBXR3LXuF1plvebGkRqPAg6bGPzJy_F1eFT8RjLrAhgiY8u3-LwqKgWdH-nsstld-X1rt7M551n9kTSeHPYhGQTzB810X_PnW1aKm0ta32ojd6SHPg_Y-NFkY7-3zTT_V3xB7veaHcUkKyqUMohffN9zMTDcM0gHGh45eR06FlauyvVtWII9P6MKD_-uSgjqNAT-2S-MCf2EP3pdjkSTTE3bBXNbTjSQn7547lAByA-106BB-5E4uOZB9CO-AoXIDCMMjB4qDAHM7Hz99nVSO9QDfcdnIyohSnf0CWAVOwKNZfzY6vFlm6_v5IdsKa46hJ9Pngdnyhm9bvfh1apF-elxAEgQot06dQCWlwLudS8N3oJZkuGdaUb7mcZilAC5j8dgBOZ3lDX2vjSEf5ITjWSwhOSGcxHhpspInZpS45wSoX_UfCethINfVgxpfGDpPffT8CPIiHgf5VLaGd-0io8aX9AxrVqoN7OFN3CGSQBGmF84ZAJ2f0hJtQjF8u6hpOZrxyGhLYxXd_&sai=AMfl-YSPcGHqedUnAfV4hAnTaTgNKT6DTCDOfDKWYADJAa_NTZGZLE9YFNTvwGV-iwTz-1w9wihr66r2VNbmjR81ObsoRoYcZC7VJ-Xq0JT-CeknvU6O0QrdwcihAV4bxRMVRy_FcghavoZx8tt-8WOks3OTmgyvzd2QqrtButO5E0MMqbHZz5RR8ljWcdQ6EP0AuSilUlyxH7eOdPBh_RaJnH3U45O8UdYaQz71Db_bPSLsAecnDljrzvAG3dEoWuq7W8zRuoRtPx6RdmIOxlYrzu1EH3SR-r4DzpnMGAVWPBxLUBrW9iG_gNPRjyct8vnvcQPPGYA1FHY6FRLxag941SNZiEQajS2SsFaJQYdl6fpzRKGWBpM1JHGhYOmtKD_IYC2KzhS3eGNkSjts3n5Y8FC7QEPr9Beb9of80Vu3ZqZO-GmCa3ZcvQrptLqzLM2u8GjswCNOPJwLiD7EPzXIC93fs7KSFWWl&sig=Cg0ArKJSzNlP2_Q3VCCbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210922.10232&adurl=

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 24 Sep 2021 17:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 42AA 41 KB
15 KB 101ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 11:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 24 Sep 2022 11:21:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AA 42 B
107 B 109ms
32ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGmFQduK6UouSW1MpctV4q81PXbqe111wzuGYxgt59qTtYYGQqyI_LCBxybG6nAc_9Y3kIIV6N4WCJ31UYHauLuOd6KivILl-BUk6_7c8PwDSgxIc

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 42AA 3 KB
1 KB 98ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42AA 128 KB
39 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 42AA 14 KB
6 KB 90ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:02:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 42AA 0
0 37ms
36ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRm-iENSo43D4Av5nh8HOaq9iYaVDuO6AjsTXaeY54ZN1iklQzYS6-bseIvJUevHhYUaA8N
Requested by: Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 37F6 0
704 B 89ms
17ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXftcgCEPLV5MwCGPjxtrUBMAE&v=APEucNUpFspY0ceCcTwSCD8cTGwGeWag5gh15yycmo5Kp6MXe8yyRqParqwh8rm8RosC8OEO5zGWCCJnunvOW-OOq_5Ii0B18w

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLXftcgCEPLV5MwCGPjxtrUBMAE&v=APEucNUpFspY0ceCcTwSCD8cTGwGeWag5gh15yycmo5Kp6MXe8yyRqParqwh8rm8RosC8OEO5zGWCCJnunvOW-OOq_5Ii0B18w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Sep 2021 17:11:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlyg4NhjkPGeldm6bMXB-UkljZBbhKLKcYCGM7B5tUcBYkwc7hdNyGFb86a; expires=Wed, 19-Oct-2022 17:11:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 17:11:20 GMT
cache-control: private

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 0D64 18 KB
8 KB 61ms
12ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 16:29:37 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 0D64 6 KB
3 KB 46ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 15:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2646
x-xss-protection: 0
server: cafe
etag: 7823829336074104133
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 15:42:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D64 0
61 B 49ms
35ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstaQuNyHfRS6KqBBArOJ13sceflFtHrvkR2a5mHL7ZHn5-74aux9_SjiCwAk1Knd89QesVB0ozRGIZv5hIA6hwk7GhH0WUWTUb5tp94HJAIJq8yNtSkWGtwRwtaJltaXyz5QyMgSzD-N-EgCHGqqsldiGoguCJC7J4WIjFyavFiTSOzmCQ0f7kVxbIuilw85QzFcRFzAkidGcw3qhcoXp1uFHehBg31PGDCyOW2brSpSVwOfiuhX35pfYwMkHQ5J5MhdDCYAZ1opraPI8laz2szC_1ouKv01DiwBlHfJ744Js8omdjzDlZePf3b9QVN-1NSZ5g-0DZ7wr7jwX2Ppz1nGHbRKImrdWAWL36-qeFJ8U27_xs6R0beMy5FkMSCvYpwHQk4dc-A0gT0zpwTKZPPQ1EBqeYUxI2mni7GStn-KdTPQCS7uv4m_7eT8aHYbi9891K_fYfg7MAkGSO1omzwP3vcevxbx9rnFq8gZyt2qNXnY2aaHBwtGLxquo4j6aHcxdYct728_N87oHxr-lGAWA4HzjM3TPVZ_GG06KbcXRY6SZGTWzHSJoGyfTfgulF88D6j2UYTHAnPBJtl1vBMSBns9Ype6rRT6fZn8Nyr-m-SovfeedlqtTcmuRnX0PeNNsuSYtrl5-XcD_LVLR-sZ5yhU532idCjDVdn1J-iekNF0YkR8pep4O5dvmk02SiwKSLWN8L2ij_Z-HezIgosPN9EWqEhicrAXSS32bCoUcI8L7C7e82VdZAPksrtq_WlieYscnchy81TuCarxd5qet1O7f-NPziSXhI8e4Iy_WzaGoMsfDUDAcW_BixduoFSPSxV-rKMDX1OBRIEAtlI9D2q39KD2-nVG3adPIpJVVzjsnL_TpvxJPQpZY7EXK-Gv9Yecuz4bHJK7FLxHFg27bHQCKyhZXo9YRn_xKO_2Gh1qIb9uY18tkOLQ29HXUC5eTUQEjGTQ6fO3HfLBgDuy8Dsb5JtfZEcySAIHxn6xTrje5w_YpqK1ZaNgrk4eP5t8hFxT3K3bxmbEf73Ht_n-3WoyKGyGZxN93lkDF6pwEuUBz2JS4HtwHPdADD9unY&sai=AMfl-YR6h-qp-DJMfRxvZQj121W6QgHLRfePPPr6uv7nNLyGQrMmqLcdHIBV9kuGbN9Uz-RM45wNbIHnKiFyxjPzkaISgHCRCXZrRWIuPb6p_cRLZBpDJIhDLUgKFC4c4_Hylbg-x4Ydda5KboU2gLSY8Mxv2AhmJD1_lLlHtFv6naMSTk315XbUDLTmCKo7Nh9SGxKbIMrsvyunZY_nfAieNnVlaO9xHmdIGCbZm1IgO06XT1ImKCKWxjNYy8gUgOEVlqBKoNc3gabNT3joNlEJo4RPMTM8V6Zgz-eZOVuD_wDk1dqA-PwiVjRmPwirq8P9no37yQcHhMJ-vE3kwImtDGCqT2FBH63f0-2nSwQntXvHw16gzKF-bNbsinZcW8mmMO-bPjYPVssldonlW7mabBHe_hw2V63ONLlcsRmWvsl1611OgB-DZ2rS-0G5Dh1SjKsykQ3giW-pyS2wmgG9ZkvxiuyO4zBY&sig=Cg0ArKJSzGX86F3EpQ1vEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=1&cisv=r20210922.98907&adurl=

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 24 Sep 2021 17:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D64 41 KB
15 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 11:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 24 Sep 2022 11:21:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D64 42 B
107 B 46ms
32ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMzGd0oDvxfSRy0pvjeofQzR3Y8oMpTT8AnNuO355Fldh7VOSJ-D-0ksJB-XVduvmFE-Nx45uBzsYDe5rTQArCNoY8eV3FbzZAbinPzY8hUNpV8CI

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0D64 3 KB
1 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D64 128 KB
39 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0D64 14 KB
6 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 17:02:55 GMT

GET
H2 200 17110459383431232610
s0.2mdn.net/simgad/ Frame 0D64 45 KB
45 KB 104ms
44ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17110459383431232610

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e027623392bfcadf40afe247036e1c1ccfed68902172fc967a410698002fb509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:00:54 GMT
x-content-type-options: nosniff
age: 94226
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45659
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 09:33:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Sep 2022 15:00:54 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15229880463547509191/ Frame 70CB 19 KB
19 KB 52ms
40ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15229880463547509191/downsize_200k_v1?w=300&h=300

Requested by

Host: 9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
URL: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc94cf3f0be80900fadda2246c906cfc6562ed271aaba1679e6ed5f284bed462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 06:13:45 GMT
x-content-type-options: nosniff
age: 125855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19060
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 06:55:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Sep 2022 06:13:45 GMT

GET
DATA 200
OK truncated
/ Frame 70CB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15B3 0
23 B 32ms
18ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D64 0
23 B 19ms
18ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 42AA 0
23 B 18ms
18ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ew.com
URL: https://ew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 15B3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5d8a8c208a5b3e4b7a03dc2b594996d7e97bb6434049da6847a6e2a6ecb2ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 42AA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259393ac2502fe1ea3a801f32b55ee2208a766a9ae539d0aba3720d3dea5d8b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0D64 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a1fdbe197375a6c6e84505cde84caf00d98dace452ab1ae5c3b5de6ba9e98e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 227E 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 24 Sep 2021 11:21:20 GMT
expires: Sat, 24 Sep 2022 11:21:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6440 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 24 Sep 2021 11:21:20 GMT
expires: Sat, 24 Sep 2022 11:21:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 47B2 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 24 Sep 2021 11:21:20 GMT
expires: Sat, 24 Sep 2022 11:21:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 70CB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6329c9b17e07882439020ae49c705f57c036edbfceea514086a5bc7ae66472d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
134 B 159ms
159ms XHR
application/json 50.112.221.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.221.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-221-239.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ew.com
date: Fri, 24 Sep 2021 17:11:20 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 40ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3033c79acdb0d219da2782de3e74f6fc040c71e7f6502dad67c21d50466c6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8458
x-xss-protection: 0

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 227E 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 13:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 13:57:31 GMT

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6440 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 13:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 13:57:31 GMT

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 47B2 35 KB
13 KB 9ms
8ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 13:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 13:57:31 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31062922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 26A8 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 24 Sep 2021 15:43:03 GMT
expires: Sat, 24 Sep 2022 15:43:03 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4198 783 B
997 B 26ms
26ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b486c52bf20f94a3b2e31d3f190eeba232da46688a62290cdfc755aac8e5ad63

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jTLFW9BkwwRytS013pD2Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 24 Sep 2021 17:11:21 GMT
date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jTLFW9BkwwRytS013pD2Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4198 0
0 59ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092301&jk=861039501937778&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Show response
pagead2.googlesyndication.com/bg/ Frame 26A8 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 10:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 24 Sep 2022 10:56:59 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6440 0
56 B 30ms
29ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-cnZtgZOYYOKKoOorAS0qo3QDQAAAAA4AeAEAg&bg=!SkmlSQ3NAAZNQyuQTUM7ACkAdvg8Wl_Caw0ezadEHBCKgpBw5ZJgwMz4GboBAAjCAS-PhPLdbyFY2gIAAAHLUgAAAExoAQeZAyFkwe19WHgCgMxT9RZxGXkoQzHRplYelej7lnSbdRozVbevpkp8RDSiF99yJeEF0qkPTxYva_v97y6AVZXz-MhCNyUOhLp7NU3m1mxirSltTSua_OaJqfUWER1kbYCxUShSKuasVlA71hr7molmMSGoYGudntZgVAiOxGDEOoXIcxdVSJjMBuSa2t-M92EQTkmWGAm-23aAu3SjvvxzS4XDm1VjNY0uCVaMu4UjehB5Im18orA5weEy-hRSwgspLhrV_9eCk7CTLOy5a0EEGiw0vU8zJNujRe_sAFmGipb6ldoDqLEA5kT_b47W3pJ7HP1zti91g_oZ45PK-IdsxreEjJPNYIVtvMU8YYDnIbm7YAlXXLMoWKWXQZe_kxqUjBsAg1Hy1nGAYx9aEPZ9QPyhoZAm_0j_tcPwhc5SWCganemKyQddgit6XzUvewy3pe2A1MFrevtED8iYp9ewVXJufSAaqpyOH1IDR357Ma083LhD0sC_NgwmZRMOazh7K5xH2Mpv8BBqYoNvVKU7MQHHgL2bpZQbbRVEefeCu_ZGgZON0Du5zvbuDRUIVMToFDrFHdP8dh7DOv_HgHIn05KuM8n5Rci-skf1QMVnLf8Z2zdCNxTbdFS7ltkwLP9EkkLPTdq4qr4oz1G3ogD3w1Zkt3mLq1uY-ykqsnDRlw07avErwWqjk-YIpKo2cWOkgDM52YR4iltLbvJF5i0Wr5aDxZ7hgux42JKFusSfKo6ICoF07HWyVAJGX_xNMfGtTYrUkYlPDXS5rF9nVig7189Eil5lmqQyo-GzMcerhyuSRc1l2rD0ya2-H6NbWVuH0QBEuby-HTxcZrQmv4VeeNzzR0bEqJncqAtaF-rwcH_v5qWxvBHtBaAOdp3Kwqv0IhbixrPxLpdXqMbMSikuVpekJQEWjbHPIkurddssBa5F3WLAdPXWCIr6dSlUgJmEMknNzGg25zZDcl_mnOT16xslMyM9q8Chg6HDotbJIfqO4vJ68IPbPdKWocW6Q-ztYf9Yx_i7W4a48qWDVuktx3CtRig91SRAycSF-2-VPTBAbcw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47B2 0
56 B 29ms
29ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJc1ctgZOYYSKKoOorAS0qo3QDQAAAAA4AeAEAg&bg=!kZKlktbNAAZNQyuQTUM7ACkAdvg8WqVO7Y2tkSZFJSo3PxG_e_MZQTYWDddeODd10U0ptck0ZZvG_wIAAAH5UgAAADBoAQeZAv0bRKG8RbLMUQknUSwpUWoqLFvmRxMfUMTFwuFkaFxips3Vq-jzn8bbxe6ynxKXqx1pnYe8Kas2Cflc_iCs2811El-VkklFpnC-76JpQjujtCHJf_s4Ux1lp8XrEcA1XA-JCSJeC1lwFSB5OlrfmNET11uoQGZphvu9d2YyYz1Kc8V1p-yjnP2B1R-eA9GJW5XMqCYyoYUH8Fa46WngKA9ffinghrnc-XA7XO72DwVzH0eTURT0hJsFVAeuXcvpzuxQtza_72rcfZPaI9iNCVs3hsCRfsWiDuIh7ekjXI9ke91YmQ9-mVDN96UMvrceC0H3cmFLvKE7UwD0vthQeGS1FVTxbqT5_hM76j_qh0-wpIGxiwM6GN4Ayum4uXIpIFPwTpLTQExq-T7pbrMIeJ0fYAWKxhnkST0gb7r0RPBpVvZm3jm5lnbt3-9Vk5UxEYg5uleLyf5G3a21cLSaW8_cejxrkyvUZqymZzlxSCz27WMC4H4l8cZQWWfQ2tbhrgfyjr9s1xY8FeguXhooIF-wh4TSGLa01H_cCYdj8Dg_wRsJkdsmw1p7r7Hen4oJGC91w7ftybUeQ_zCZHEHANi6_bZv-NWHUOffvIFyHA8jvPpBGwRdPN3IdUPCsM3d0T3p-q5m387c7kgPAJX3G5vrmbWXg_RJKrAOtkao3PYKlWvPm1gWu1TNzUPqGBT--clL07l1la5I8nzj__NXilNRm9Our3kp5eEZ9p3TtaYjbGSAAjbztPMHUvaGSOe03XFGb2oWBD6ZLjsN8Z3eTe_8UDYyfPba94V_9ZM0vTQ5PyC3iQY8ORqmNx30rO8okT_DcFSeDGRF-HEaPVG077jHyzTnxyAjn4jN4gSTg_xC7oDQpnE_HuQvBORbpm5c3MGbFBbFuBvbZUmB2Gi_hunFob5FYDikW5QEwTAuuy0y0zT5zj7ihIihtUIqFb4JHM0Jk02DsWdvKibM5kSzI2P6WVyzMTD6cJeHvOqxVqDfWN8Q7kAfnRT5hNilo6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 227E 0
56 B 30ms
29ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B21z9tgZOYYKKKoOorAS0qo3QDQAAAAA4AeAEAg&bg=!WFulWx_NAAZNQyuQTUM7ACkAdvg8WjBNbhJ_OyIA67UEIEIZ0kVCcJKxx0QwC-NleTewUldU74BQbAIAAAI9UgAAAB9oAQeZAyrd7l1ZR4c4Xz_nDD94HXIfHY0z_HzUy7Nre6tVran-ZjK7JEFMEXMxWKYcLcgIvKB0VmYjY-kulJlIf-PxClHT2BSj4Nm4Xutx19ZsG3Uqk4EFPQDMTQJhsYY6lBBgK5bqXI4KBWgDCYr5MOIVuRAhB5FHgRwVrZs_Ue6Atw9l9OJuoDUGpGI-jselB9QME3-52-anC0EKFu5JlCr0PAe49rkk6MmFZefIBGlHyQiPoyB0_g3wi8Rv06qkb5_emK5XDGgAm-bwIQ9f0NLzwtU8ZHYBuMkPFbUFI5uJCm5FyNyAW8-_WbpsrqZwr7qoeAoMBxy--HolVoxoC4wFwVwxUrO442AHzRuU5NSVOI9m1bs_q3JBioo3t65HO7PRNQcoz-FxvHGGEVoqdYXVOLJPg9uh0C-ieVjWyLkT6YgELNcUnNPnGhclHjPg7hquSYWyLtYIBLzYFHWcDJtvD4cs76jGp_eTaeP0NZx8mY-mHIoSTL2f1knW_HvTiuscZ32QHwu2SLhLRFcvThHEN81KgAVCXHtDLPVsqL1R89Y5u1SgZXuazWZvKT7ymg-CNOGViv16l222kdD9BmwHSwDL7FCp0gXq9iZ52RniojTBWaFHTEskNdEGWAMt8sfsioB0OyZUevGtHWJUP1ZK8P4sK0D4zUZ4mou38aM-5XtiPsTEuMRSG36zMa_tcDPGbxa5DvIQ9FYUzEUDFywV0JwXkbTtLA28BvuaGeJXD567TEZYOOYfFFDR34VUq-9M1oQVof1tSwWRTA3CQPSjsP2QvKKDJxAgSHFE-UaK2ejWsz67RpZssJdlwcbGuogD0Nl5hNwfoTaNnwasuqmD7DQqk5qYyLboFFWGqJx1MT0ce_0CN9IeDQwGEbQsA0Jf-c5D5g3cekpjbapJ-o69D_5KDONdEnyAZby5JpoTCYVJVDiy5dBapVkQa3WT7ZjthBOmJkmJOiObHi6f2nCflTUHO3uhpv4Bd5b0V4Mqxe3DvBkycNuW4ZcBvD5nM2xn4pRk_8oY_ji8-Y61GxBhmjhcH7Fuuk78uXqKUAGI5ru2RkojnbX5K0xKGso

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
321 B 52ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=13435

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Sep 2021 17:11:21 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B241 14 KB
5 KB 56ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=158139
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=69132
expires: Sat, 25 Sep 2021 12:23:33 GMT
date: Fri, 24 Sep 2021 17:11:21 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F75E 52 KB
17 KB 81ms
13ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ew.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 25 Sep 2021 17:11:23 GMT
Date: Fri, 24 Sep 2021 17:11:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 79FA 668 B
728 B 29ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.3 /
Resource Hash: baab8f5e60f897b1f35bc7e443cebd5eb0eeea45bfaa690cd105c31e78a7166c

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ew.com/
accept-encoding: gzip, deflate, br
cookie: i=c77464dd-1371-010a-32ad-f473b0f13e4f|1632503478
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=c77464dd-1371-010a-32ad-f473b0f13e4f|1632503478; Version=1; Expires=Sat, 24-Sep-2022 17:11:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632503481|gekin0vNiygu; Version=1; Expires=Sat, 09-Oct-2021 17:11:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.3
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 24 Sep 2021 17:11:21 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3216 2 KB
1 KB 8ms
8ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ew.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 24 Sep 2021 17:11:21 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C3C6 281 B
554 B 69ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ew.com/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=KTYMF5NS-16-C6T2; rsid=1|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3LXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx; ses2=; vis2=364872^1; audit=1|hLZGFuTafB2yJZw2MNl1VqQ/Fn9jJ2Tlph+Ceuqbr/eYecc9Yinwrk7btMeuRlQMyLRGt+nToBAcHHmv29zUs5Gt+EMyN+pe; ses15=; vis15=364872^1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Sep 2021 17:11:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 204
No content push_sync
sofia.trustx.org/ 0
275 B 656ms
117ms Image
text/html 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofia.trustx.org/push_sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 17:11:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dthemediagrid%26bsw_param%3Ddff938f9-f059-4202-be2f-7e...
https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dthemediagrid%26bsw_param%3Ddff938f9-f059-4202-b...
https://x.bidswitch.net/sync?dsp_id=79&user_id=ErPQNhiM1MtOJj5&expires=30&ssp=themediagrid&bsw_param=dff938f9-f059-4202-be2f-7ecc059b9ff0

43 B
220 B

8ms
8ms

Image
image/gif

3.120.169.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=79&user_id=ErPQNhiM1MtOJj5&expires=30&ssp=themediagrid&bsw_param=dff938f9-f059-4202-be2f-7ecc059b9ff0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.169.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://x.bidswitch.net/sync?dsp_id=79&user_id=ErPQNhiM1MtOJj5&expires=30&ssp=themediagrid&bsw_param=dff938f9-f059-4202-be2f-7ecc059b9ff0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 23F7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

21ms
21ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9485e001ed447c04a7c0cca35e32ae2df1e22533a6ed284283b6dd13425db306

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Cookie: CMID=YU4GuXkMYcW3cUTfE4ZsIgAA; CMPS=5228
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|230|39|51|90|47|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1656
Expires: Fri, 24 Sep 2021 17:11:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Connection: keep-alive
Set-Cookie: CMID=YU4GuXkMYcW3cUTfE4ZsIgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Sep 2022 17:11:21 GMT CMPS=5228;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Dec 2021 17:11:21 GMT CMPRO=1140;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Dec 2021 17:11:21 GMT CMST=YU4GuWFOBrkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Sep 2021 17:11:21 GMT CMRUM3=33614e06b905a0&2f614e06b905a0&27614e06b90b40&5a614e06b905a0&2d614e06b905a0&29614e06b905a0&f1614e06b905a0&e6614e06b92760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Sep 2022 17:11:21 GMT

Redirect headers

Server: Apache
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 24 Sep 2021 17:11:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Connection: keep-alive
Set-Cookie: CMID=YU4GuXkMYcW3cUTfE4ZsIgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Sep 2022 17:11:21 GMT CMPS=5228;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Dec 2021 17:11:21 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 79FA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1ae614e-06b9-4b00-b788-31a91d7bc8d5

43 B
122 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1ae614e-06b9-4b00-b788-31a91d7bc8d5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
via: 1.1 google
server: OXGW/16.216.3
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1ae614e-06b9-4b00-b788-31a91d7bc8d5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 24 Sep 2021 17:11:20 GMT

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 79FA 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 79FA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2820295454859152894

43 B
106 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2820295454859152894
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
via: 1.1 google
server: OXGW/16.216.3
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2820295454859152894
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 79FA 70 B
264 B 112ms
32ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=14d85b84-baf6-3efd-687b-3c9bd4d60db2&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 79FA 170 B
243 B 61ms
17ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzhiNzg4NGUtNzM4MS02MDU5LTdkOWItNjYyMjFlMzRjM2Qy

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 79FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEILrxbP24vkawu9jNOy6eb4&google_cver=1

43 B
106 B

35ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEILrxbP24vkawu9jNOy6eb4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=eab9ff18-1f65-4a26-8531-cb990181cabb&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
via: 1.1 google
server: OXGW/16.216.3
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEILrxbP24vkawu9jNOy6eb4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
373 B 8ms
7ms Image
image/gif 2600:9000:21f3:c000:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-2&v=1.0.0&browser=chrome&utime=1632503478712&url=https%3A%2F%2Few.com%2F&globalTI_SID=72ce70e7-d2ae-41ad-af78-90c01c692638&request_id=916c443b-d1ef-4098-b661-c0016acd72e9&optanon_consent=isIABGlobal%3Dfalse%26datestamp%3DFri%2BSep%2B24%2B2021%2B17%3A11%3A18%2BGMT%2B0000%2B(GMT)%26version%3D6.18.0%26hosts%3D%26consentId%3D15b07d1e-f7d9-4493-bcd9-64c8e3b1fe57%26interactionCount%3D0%26landingPath%3Dhttps%3A%2F%2Few.com%2F%26groups%3D1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0&gpc_enabled=no&gpc_utc_millis=1632503478000&gpc_iab_global=no&domain=ew
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:43 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
age: 2199
etag: "28d6814f309ea289f847c69cf91194c6"
x-edge-origin-shield-skipped: 0
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: XDx1E1admyJb0L2bsPCGmqcvjYvOSRpffSJ3RFI9y2j-Aob8rIlVSw==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B241 2 KB
2 KB 54ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73389165&p=158139&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1aaf1b182b66dd4784da8689108687106a2699e3d70d196ca943b9027de696a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1683
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C3C6 31 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7c134764514621376c0cf89dfaec36d7a77dc01e69e5d4e87002062aae9f7da9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Sep 2021 15:20:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49537
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Sat, 25 Sep 2021 06:56:58 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame F75E
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

8ms
8ms

Script
text/html

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a09519e6-f771-46f8-94dc-a79b29fe7424
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c3b4fe5e-533f-4aaa-9e6c-2aeacb88891b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 23F7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU4GuXkMYcW3cUTfE4ZsIgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM27hccN2dLDJ3FQm3ivsh8&google_cver=1&gdpr=1

43 B
999 B

18ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM27hccN2dLDJ3FQm3ivsh8&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 24 Sep 2021 17:11:21 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM27hccN2dLDJ3FQm3ivsh8&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 23F7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB&dcc=t

43 B
645 B

97ms
97ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:22 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S0P7C77887XFAJ9692T4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:22 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MMPDZ3C9GEK0WK1YHQN8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 23F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU4GuXkMYcW3cUTfE4ZsIgAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEryNonQrCZj7oJmQAilUiQ&google_cver=1

43 B
315 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEryNonQrCZj7oJmQAilUiQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 24 Sep 2021 17:11:21 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEryNonQrCZj7oJmQAilUiQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 23F7 70 B
265 B 52ms
32ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 23F7 43 B
220 B 9ms
8ms Image
image/gif 3.120.169.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.169.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 23F7
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

12ms
12ms

Image
text/plain

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 24 Sep 2021 17:11:21 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Fri, 24 Sep 2021 17:11:21 GMT
x-content-type-options: nosniff
server: openresty
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 23 Sep 2021 17:11:21 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 23F7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ErPQNhiM1MtOJj5&gdpr=1

43 B
987 B

27ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ErPQNhiM1MtOJj5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 24 Sep 2021 17:11:21 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ErPQNhiM1MtOJj5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 23F7 43 B
408 B 97ms
13ms Image
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:21 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-5
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 23F7 43 B
425 B 9ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YU4GuXkMYcW3cUTfE4ZsIgAA%261140
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ew.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3275
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 24 Sep 2021 18:05:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092301&jk=861039501937778&bg=!7u2l7anNAAZNQyuQTUM7ACkAdvg8WsB3-DlfM9k1u7HHjIm2qdgQxiS09WF1gWTjhfkaAVYYenGBlwIAAAEUUgAAAChoAQeZArGGctTT3Uy3kztTsOZhdMsSoQ-UVywY_EpH67iOVJ4IlB641PTNPjlaJ2PXFZCUo5qx1K1CPH_Lwwb-1N4zqeJotqaJEPZMgI3vNlLHYWJDl0fREK9TpW58LLo1B1TWrIgNjsN43QQ12PIbNLQKzAd8VwFdSAh7Yd05DFL2kRVD3lbBpLLIPQmbdAW8MeYOFaHrXGGzyEfl0zBIQITyn6fJihicN9XlDmYLlM2lDI95JyBpRTkk5bIYdnfK3ERktsLLPoHlY74JTeSXiJEKSIWo0Ylr-T6fa12p79lNZvC95nsyOCXf2M6cpECK0KmKTjZcRghn66w7VhI9X7TuEdtmQG90FeF40WiUBWJbe6dSHhZsmH1j7s2XBFqPtOD7clxFmobOENN45NWQjCgvVawWulD588mUgvXyeHmdCCl7fYpvIvzCJHQq5Ae50hr94JqFREM8r9OERq-fmmihUl9h08V6LfZXVf1uCozPDo3p7UNMeF9ID532sqyAE0OCFTTURVna3Wp6ZzFc0IhjS6zk-M3WdKYQ2II4acdt77KcWTAujnfUdYoOsPAKrlOdUGXYqoOhShYklLCPIwageDVydZAsBe1HyKgA2VFZChaowkFL9APdHBxot5w5YqLm7h8x3BhVZ71QYu4ZFZ0YTVf5RISJssIm8AZbWGfI6wlUuQQmvvCE6_kMF5YJwc31UEt206FZyySXh4pwvPX_-hgGckZAwPbBcW64-8m3mqQbKAqnJkfiFVjW1nX_u6y_jdCM1pyajC4nFWf1eDsSVG9hAzZ89IbfxQ23t72hQHggJplC-eBEmAa2QVLtmwkdFalJXXX58_de6Psqa0pLL-utRBouAFFkTNAc4aMuZQQQVJY1_XPHlpIbhHYqBugzuC9G4FaUDlxaIogK02ZXlL4xwg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 2BD0 35 B
468 B 17ms
16ms Document
image/gif 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=7EC4BA48-FB2E-46A6-8527-EE62B7C103B8

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=7EC4BA48-FB2E-46A6-8527-EE62B7C103B8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 24 Sep 2021 17:11:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=5699667485800852186; expires=Tue, 23 Nov 2021 17:11:21 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4FCE
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809645276614996871

42 B
211 B

18ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809645276614996871
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809645276614996871
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=7EC4BA48-FB2E-46A6-8527-EE62B7C103B8; chkChromeAb67Sec=1; DPSync3=1633651200%3A197_219_201%7C1632528000%3A174; SyncRTB3=1633651200%3A54_161_56_220_21_13; KRTBCOOKIE_377=6810-13fdbcd8-60e7-4186-97d6-23e1568d2f23&KRTB&22918-13fdbcd8-60e7-4186-97d6-23e1568d2f23&KRTB&23031-13fdbcd8-60e7-4186-97d6-23e1568d2f23; PUBMDCID=3; KRTBCOOKIE_391=22924-6152023782419581133&KRTB&23263-6152023782419581133; PugT=1632503480; SPugT=1632503480
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 24 Sep 2021 17:11:21 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-1809645276614996871; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 24-Oct-2021 17:11:21 GMT; path=/ PugT=1632503481; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 24-Oct-2021 17:11:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Dec-2021 17:11:21 GMT; path=/
x-lat: lhrpug003:0:549
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809645276614996871
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B241
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fsS6SPsuRqaFJ-5it8EDuA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

8ms
8ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=69132
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 25 Sep 2021 12:23:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B241
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d1ae614e-06b9-4b00-b788-31a91d7bc8d5

0
260 B

91ms
13ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d1ae614e-06b9-4b00-b788-31a91d7bc8d5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d1ae614e-06b9-4b00-b788-31a91d7bc8d5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame B241
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=7EC4BA48-FB2E-46A6-8527-EE62B7C103B8
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=13fdbcd8-60e7-4186-97d6-23e1568d2f23&icm
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=510ffd4198dd4b0914c08b055f10a18a

35 B
248 B

99ms
99ms

Image
image/gif

51.79.83.225
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=510ffd4198dd4b0914c08b055f10a18a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 24 Sep 2021 17:11:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=510ffd4198dd4b0914c08b055f10a18a
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B241
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0VDNEJBNDgtRkIyRS00NkE2LTg1MjctRUU2MkI3QzEwM0I4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

107ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:499
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B241
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPypNB8SWNhcdbq-NoN9_hA&google_cver=1

42 B
591 B

107ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPypNB8SWNhcdbq-NoN9_hA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:478
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPypNB8SWNhcdbq-NoN9_hA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame B241 43 B
609 B 16ms
11ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 23 Sep 2021 17:11:21 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B241
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=13fdbcd8-60e7-4186-97d6-23e1568d2f23

42 B
602 B

46ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=13fdbcd8-60e7-4186-97d6-23e1568d2f23
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:368
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=13fdbcd8-60e7-4186-97d6-23e1568d2f23
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B241
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6152023782419581133

42 B
388 B

88ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6152023782419581133
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:20 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:433
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6152023782419581133
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C3C6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d1ae614e-06b9-4b00-b788-31a91d7bc8d5&expires=28

0
239 B

48ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d1ae614e-06b9-4b00-b788-31a91d7bc8d5&expires=28
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Date: Fri, 24 Sep 2021 17:11:21 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d1ae614e-06b9-4b00-b788-31a91d7bc8d5&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 24 Sep 2021 17:11:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3C6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM3YjgzMGUwZTFiNWZiNmJkMDdjMTFjM2MzZmUwZjFhODdkNzA1Nw

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM3YjgzMGUwZTFiNWZiNmJkMDdjMTFjM2MzZmUwZjFhODdkNzA1Nw

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWM3YjgzMGUwZTFiNWZiNmJkMDdjMTFjM2MzZmUwZjFhODdkNzA1Nw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame C3C6 0
0 290ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C3C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELVQ0coHsJkLw3pV9dC6SMc&google_cver=1

0
239 B

46ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELVQ0coHsJkLw3pV9dC6SMc&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELVQ0coHsJkLw3pV9dC6SMc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C3C6 70 B
264 B 32ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3C6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RZTUY1TlMtMTYtQzZUMg==

170 B
188 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RZTUY1TlMtMTYtQzZUMg==

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 17:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RZTUY1TlMtMTYtQzZUMg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C3C6
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KTYMF5NS-16-C6T2&sigv=1&esig=2~b828c89c8cb076d962a0acbf98c3efc3292e6626

0
446 B

190ms
51ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KTYMF5NS-16-C6T2&sigv=1&esig=2~b828c89c8cb076d962a0acbf98c3efc3292e6626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:22 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KTYMF5NS-16-C6T2&sigv=1&esig=2~b828c89c8cb076d962a0acbf98c3efc3292e6626
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C3C6
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/o_3ht0gaesZpjsZprQVjg8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4200369850540108250

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4200369850540108250
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Fri, 24 Sep 2021 17:11:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4200369850540108250
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F75E 0
731 B 7ms
6ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Sep 2021 17:11:22 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dd85697c-001d-472a-b8eb-d905e744a85f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B241 0
260 B 80ms
18ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158139&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 17:11:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com%2F

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com%2F

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ew.com/	1970-01-20 06:57:11	Name: _cb_ls Value: 1
ew.com/	1970-01-20 14:59:35	Name: muuid_origin Value: ew.com
ew.com/	1970-01-20 14:59:35	Name: globalTI_SID Value: 72ce70e7-d2ae-41ad-af78-90c01c692638
ew.com/	1970-01-20 14:59:35	Name: last_request_id Value:
ew.com/	1970-01-20 14:59:35	Name: request_id Value: 4d9f8360-500d-4b5a-acb1-f225f0c0323e
ew.com/	1970-01-20 14:59:35	Name: previous_ts Value:
ew.com/	1970-01-20 14:59:35	Name: visit_ts Value: 1632503477935
ew.com/	1970-01-20 14:59:35	Name: pageview_count Value: 1
.ew.com/	1970-01-20 14:59:35	Name: globalTI_SID Value: 72ce70e7-d2ae-41ad-af78-90c01c692638
.ew.com/	1970-01-20 14:59:35	Name: last_request_id Value:
.ew.com/	1970-01-20 14:59:35	Name: visit_ts Value: 1632503477935
.ew.com/	1970-01-20 14:59:35	Name: previous_ts Value:
.ew.com/	1970-01-20 14:59:35	Name: pageview_count Value: 1
.ew.com/	1970-01-20 14:59:35	Name: muuid_origin Value: ew.com
ew.com/	1970-01-20 14:59:35	Name: muuid_source Value: SERVER
ew.com/	1970-01-19 22:11:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
.openx.net/	1970-01-20 06:13:59	Name: i Value: c77464dd-1371-010a-32ad-f473b0f13e4f\|1632503478
.ew.com/	1970-01-20 06:13:59	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Sep+24+2021+17%3A11%3A18+GMT%2B0000+(GMT)&version=6.18.0&hosts=&consentId=15b07d1e-f7d9-4493-bcd9-64c8e3b1fe57&interactionCount=0&landingPath=https%3A%2F%2Few.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.rubiconproject.com/	1970-01-20 06:13:59	Name: khaos Value: KTYMF5NS-16-C6T2
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3LXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.rubiconproject.com/	1970-01-19 21:29:09	Name: ses2 Value:
.rubiconproject.com/	1970-01-19 21:29:09	Name: vis2 Value: 364872^1
.rubiconproject.com/	1970-01-20 06:13:59	Name: audit Value: 1\|hLZGFuTafB2yJZw2MNl1VqQ/Fn9jJ2Tlph+Ceuqbr/eYecc9Yinwrk7btMeuRlQMyLRGt+nToBAcHHmv29zUs5Gt+EMyN+pe
.rubiconproject.com/	1970-01-19 21:29:09	Name: ses15 Value:
.rubiconproject.com/	1970-01-19 21:29:09	Name: vis15 Value: 364872^1
.ew.com/	1970-01-20 06:13:59	Name: ajs_anonymous_id Value: 34f88881-5dd9-4736-9590-e2a15868d373
.ew.com/	1970-01-19 21:28:27	Name: AMP_TOKEN Value: %24NOT_FOUND
.ew.com/	1970-01-20 14:59:35	Name: _ga Value: GA1.2.1705917284.1632503479
.ew.com/	1970-01-19 21:29:49	Name: _gid Value: GA1.2.190574870.1632503479
.ew.com/	1970-01-19 21:28:23	Name: _gat Value: 1
.ew.com/	1970-01-20 06:49:59	Name: __gads Value: ID=8ffba57076c2d2e7-22b40fae51c90045:T=1632503478:S=ALNI_MZssUuytYKsX-0IU8zz-Tkhl9mzfA
.doubleclick.net/	1970-01-20 06:49:59	Name: IDE Value: AHWqTUkGdnXkA9_cpcYf7S2H0wXTKGFMhXOdLREZoGn1PRFoT18lt2h0aLtplR_u
ew.com/	1970-01-19 21:28:27	Name: _lr_retry_request Value: true
ew.com/	1970-01-19 22:11:35	Name: _lr_env_src_ats Value: false
.openx.net/	1970-01-19 21:49:59	Name: pd Value: v2\|1632503481\|gekin0vNiygu
.bidswitch.net/	1970-01-20 06:13:59	Name: tuuid Value: dff938f9-f059-4202-be2f-7ecc059b9ff0
.bidswitch.net/	1970-01-20 06:13:59	Name: c Value: 1632503481
.bidswitch.net/	1970-01-20 06:13:59	Name: tuuid_lu Value: 1632503481
.casalemedia.com/	1970-01-20 06:13:59	Name: CMID Value: YU4GuXkMYcW3cUTfE4ZsIgAA
.casalemedia.com/	1970-01-19 23:37:59	Name: CMPS Value: 5228
.casalemedia.com/	1970-01-19 23:37:59	Name: CMPRO Value: 1140
.casalemedia.com/	1970-01-19 21:29:49	Name: CMST Value: YU4GuWFOBrkA
.adnxs.com/	1970-01-19 23:37:59	Name: uuid2 Value: 6208442035308713273
eus.rubiconproject.com/	1970-01-19 23:37:59	Name: pux Value: 1512%3D102833%262249%3D102833%262307%3D102833%262974%3D102833%262249-DV360-Hosted%3D102833%26idl%3D102833%26goog%3D102833%26brx%3D102833%26
.mathtag.com/	1970-01-20 06:54:18	Name: uuid Value: d1ae614e-06b9-4b00-b788-31a91d7bc8d5
.pubmatic.com/	1970-01-19 23:37:59	Name: KADUSERCOOKIE Value: 7EC4BA48-FB2E-46A6-8527-EE62B7C103B8
.pubmatic.com/	1970-01-19 23:37:59	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:37:59	Name: DPSync3 Value: 1633651200%3A197_219_201%7C1632528000%3A174
.pubmatic.com/	1970-01-19 23:37:59	Name: SyncRTB3 Value: 1633651200%3A54_161_56_220_21_13
.adform.net/	1970-01-19 22:11:35	Name: C Value: 1
.w55c.net/	1970-01-20 06:57:11	Name: wfivefivec Value: ErPQNhiM1MtOJj5
.w55c.net/	1970-01-19 22:11:35	Name: matchbidswitch Value: 5
.w55c.net/	1970-01-19 22:11:35	Name: matchcasale Value: 5
.simpli.fi/	1970-01-20 06:15:25	Name: suid Value: 9A5DB3852251464E9FBD030A3D4BA146
.adform.net/	1970-01-19 22:54:47	Name: uid Value: 6152023782419581133
.adsrvr.org/	1970-01-20 06:13:59	Name: TDID Value: 13fdbcd8-60e7-4186-97d6-23e1568d2f23
.casalemedia.com/	1970-01-20 06:13:59	Name: CMRUM3 Value: 27614e06b90b40&33614e06b905a0&2f614e06b905a0&5a614e06b905a0&2d614e06b92760CAESEM27hccN2dLDJ3FQm3ivsh8&f1614e06b905a0&e6614e06b92760&29614e06b905a0
.mathtag.com/	1970-01-19 22:11:35	Name: mt_mop Value: 9:1632503481
.de17a.com/	1970-01-20 06:06:47	Name: guid2 Value: 1.1809645276614996871
.pubmatic.com/	1970-01-19 22:11:35	Name: KRTBCOOKIE_377 Value: 6810-13fdbcd8-60e7-4186-97d6-23e1568d2f23&KRTB&22918-13fdbcd8-60e7-4186-97d6-23e1568d2f23&KRTB&23031-13fdbcd8-60e7-4186-97d6-23e1568d2f23
.pubmatic.com/	1970-01-19 23:37:59	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 22:11:35	Name: KRTBCOOKIE_391 Value: 22924-6152023782419581133&KRTB&23263-6152023782419581133
.pubmatic.com/	1970-01-19 22:11:35	Name: KRTBCOOKIE_80 Value: 22987-CAESEPypNB8SWNhcdbq-NoN9_hA&KRTB&16514-CAESEPypNB8SWNhcdbq-NoN9_hA&KRTB&23025-CAESEPypNB8SWNhcdbq-NoN9_hA
.pubmatic.com/	1970-01-19 22:11:35	Name: PugT Value: 1632503481
.pubmatic.com/	1970-01-19 22:11:35	Name: KRTBCOOKIE_336 Value: 5844-1809645276614996871
.onaudience.com/	1970-01-20 06:13:59	Name: cookie Value: 147de09e729f979f
.onaudience.com/	1970-01-19 21:29:49	Name: done_redirects147 Value: 1
.yahoo.com/	1970-01-20 06:14:21	Name: A3 Value: d=AQABBLoGTmECEMSSeDxqOSU-gAVoIT-zqfAFEgEBAQFYT2FXYQAAAAAA_eMAAA&S=AQAAAlPpBSU-h-514luSx9rlPJA
.adsrvr.org/	1970-01-20 06:13:59	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiw0ofVi-L_ORAFGAEgASgCMgsI7oTjhKLi_zkQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/	1970-01-19 21:29:49	Name: done_redirects161 Value: 1
.exelator.com/	1970-01-20 00:21:11	Name: EE Value: "510ffd4198dd4b0914c08b055f10a18a"
.exelator.com/	1970-01-20 00:21:11	Name: ud Value: "eJxrXxzq6XKLQcHU0CAtLcXE0NIiJcUkycDS0CTZwCLJwNQ0zdAg0dAicXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F7%252BNJBQBoJylY"
.pubmatic.com/	1970-01-19 22:11:35	Name: SPugT Value: 1632503483

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://ew.com/dist/main.js(Line 24) Message: Error: <svg> attribute viewBox: Expected number, "0 0 100 undefined".
rendering	error	URL: https://ew.com/dist/main.js(Line 24) Message: Error: <svg> attribute viewBox: Expected number, "0 0 100 undefined".
rendering	error	URL: https://ew.com/dist/main.js(Line 24) Message: Error: <svg> attribute viewBox: Expected number, "0 0 100 undefined".
network	error	URL: https://ew.com/element-api/content-proxy/sitewide-alert Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=72ce70e7-d2ae-41ad-af78-90c01c692638 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://ew.com/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com%2F' from origin 'https://ew.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com%2F Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ew.com/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com%2F' from origin 'https://ew.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com%2F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13435 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9d3f69eece27549ff204a135c06a620e.safeframe.googlesyndication.com
aamapi.com
acdn.adnxs.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.se
api-ntv.sele.co
api.rlcdn.com
api.segment.io
api.sele.co
as-sec.casalemedia.com
c.amazon-adsystem.com
c1.adform.net
cdn.cookielaw.org
cdn.segment.com
cdn.selectablemedia.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
d30qdagvt44524.cloudfront.net
d5p.de17a.com
d9jj3mjthpub.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
ew.com
fastlane.rubiconproject.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id.sv.rkdms.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imagesvc.meredithcorp.io
js-sec.indexww.com
karma.mdpcdn.com
loada.exelator.com
mab.chartbeat.com
match.adsrvr.org
meredith-d.openx.net
meredith.dap.akadns.net
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.instagram.com
pm.w55c.net
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sofia.trustx.org
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
trk-sp.sele.co
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.se
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
x.bidswitch.net
c.amazon-adsystem.com
pixel.quantserve.com
104.109.78.125
13.224.186.4
13.224.193.15
13.224.193.48
13.224.193.50
13.224.197.80
13.225.78.93
13.248.242.197
142.250.186.162
142.250.74.194
169.50.137.190
18.192.135.64
184.31.84.150
185.29.132.241
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
2.18.232.130
2.18.233.180
2.18.234.21
209.54.177.54
213.155.156.184
216.58.212.130
2600:1f14:600:6e00:77cb:3957:e000:1f7f
2600:9000:20eb:ae00:18:1fcd:34f:cdc1
2600:9000:21f3:2400:d:2820:3bc0:93a1
2600:9000:21f3:c000:11:e0c9:84c0:21
2600:9000:21f3:c00:19:bcbe:a700:21
2602:803:c004:200::140
2606:4700:10::6814:b844
2606:4700::6810:9440
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:400c:c08::9c
2a02:26f0:6c00::210:ba33
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a04:4e42::714
3.120.169.248
3.124.143.99
3.211.187.86
34.120.133.55
35.211.168.6
35.244.159.8
35.244.174.68
37.157.6.252
37.252.173.215
50.112.221.239
51.79.83.225
52.207.5.56
52.21.208.222
52.86.130.105
54.78.254.47
69.173.144.139
69.173.144.165
72.251.241.196
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01f42218fd8653a91a8b43c6684e9bbfad81618ed359e5b5154b181f85120865
04221009cebf646673d39ca96b0c2d263fbc92103c0874fbe142998fad3c7262
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0a899f30614c66f17d39e785b6b058963e07b3aa2849c68d1b551f05693815dc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd886ff5717cb667d14f9ebcb8d6952259e67707654e3a0d3714ed0a27e0df9
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
0ec2934fcd51ed2400668d44d491b88cd7d6b458423ba613f0d769744dd11f9d
11f6d50a8c82ea6786a17d9c849ce648098423f75cc2a7fc6d7ebb2a15162d2e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
130de48e0c060d4b6238ea51906a09de1ae3d64e32420e935ebe1d5761784e7d
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aaf1b182b66dd4784da8689108687106a2699e3d70d196ca943b9027de696a9
1dbcb85972f68f310f7373b670a1a930846ca6d359508f78800a2adb065c18a7
1fa40a2902d5f7e60608e7fc90b0ff90e9a3a18e2ae98456f268c5e54d22e910
20828ddb10f2d25bcc1c846b05941e12a2b846db03f104ef8e1ae4a8ffcaafe3
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
259393ac2502fe1ea3a801f32b55ee2208a766a9ae539d0aba3720d3dea5d8b8
271b7928be5f7f18e3ede76d139fc282b258c14b26d0ef05d4623d0cb859371b
27b337866aea9dc152dddf06463fcfdfe2eff2007bab75a4ca8907670887ff4f
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2b75be6a15a51e71c0cacf42602c86296495b681b745529085646698ec122b18
2cb1cc6968d4127ccc115422624fae0483e07a09dd659a8ceaf8116d342aad71
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eac73beb9d291744e6bfb8196c0a181ddc3827c564e363afeae8061de029263
2f1391962e3b7183eabc9304bfe5902629aeb9d5aeac5409ebf1ee07ee1ca147
3033c79acdb0d219da2782de3e74f6fc040c71e7f6502dad67c21d50466c6da9
311eda6793f09ee9ec578fb0fa8570edc953c2d461c0f381d0c37581346f4ffd
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
3a1fdbe197375a6c6e84505cde84caf00d98dace452ab1ae5c3b5de6ba9e98e9
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de596d5f3832685a552f53f2b4cc0a23383f113f00c59f962b0e7aa5b7a94d3
3f908883a0e9c875085f7fc35000c261524708d77358d660aa500a404bb0beed
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421b1800e7b45151cbc1c0ddedb6fd783c0330cd295d3386cb2fdff8707c1573
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aace3cf04b0852e4dfd59ee463a4b48dc574affbd9551e7d031130f28cfacd1
4cb92a925cb9f89157d46b55a677964228c0bfeca476a65d5c2150203d8360ca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5370a3619aa15335221c6737642060886eabbef0ee09d5377118b2d8f0dbc696
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
57bc5bd8620ec1923f7e30e7c9e5a4d358ff1f61af94e3c7f2dba5cde1a73848
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
5c85fb5ea0475ab4aeb7524ffabf2f2c5606da512437fdcc486cc6bfeae57275
5e8fbd1eced6477b0174f339ca09479fb7fd124c3bec5a286d90eedc0c69975d
6329c9b17e07882439020ae49c705f57c036edbfceea514086a5bc7ae66472d8
65c3aa422e9ec9336030a058005f4707d1e55da33d783939b85a11ee0ed31e10
68645e752e4a92d89b1aafdc3d81c1929e5e5e5787586422151a381b5a24574c
68f66839ba976e5e84b87f4e9bd8dea1c8fe130b8e0a7b87f7e6ef55c8cc8442
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9b963f69d7f73067a4bafd53ec264896fdd73678b85af1aba3ae551e35897c
6e8820e15980e12632ea85b37945c743d3507568e6acfbccea970865f093b0b1
73aeb0d9d0781f56c11b3f29e45777cd99e914f607d6325c9d87923463a6fc12
74057f85bb994a2c8e204971016959c46411f6586380f33c1a45cb84178da80b
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
781231689f733ffd9e4234bebd13c969cf1d06caea5514fed06189c2e8e4c4a7
7aeb82f5acfe68969d0f588f3f04d81c92d6a311a1c4d153eaac0ddb832d6bc8
7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e
7c134764514621376c0cf89dfaec36d7a77dc01e69e5d4e87002062aae9f7da9
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f337f0a2be7421bdf955363f2bcf16a2353705ae4b90ac752cb2fcdfbed6da7
81f545e3189cf33ac88622a2f37c20346522a2ba1af686759e7d5c89e13a5286
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
870ac2963acdb89fb8efeb8bc76d8626143d6fdf9ac2f61b09cecb8237ba6d78
887f06fc01d48470756bd818c9d5ac08f826f1465e4c875019331e37524a30f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32b4aadc76894582280108bfaef505a393940a8e42146b9ef9e39a4f76d21a
8e45d36732fd4adb6be03c4b4e7ba59ed3e65831f14f8c72f0bcb93f194a0cab
8f8c834d2a1046192d4b952180ae9a5dd687697833a4bf75f65fb6c422a8b265
9485e001ed447c04a7c0cca35e32ae2df1e22533a6ed284283b6dd13425db306
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15a07309db07c6187684a1be460639c6cb42e21ea07b6772ea266fd7e6c8a52
a1ad18bfb35fa470cd23ec8bc7f45ac9b0b4642f537d1a6b180b3b017595000a
a2d16cde3a81b1597a289e3d45cde0b992a76c358c32e0d4ec8a24f8d3a8cd96
a368e2a95d9170498c4421d1d5fe1fbc73c204e4c4e380ccc295561fa863603f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d8a8c208a5b3e4b7a03dc2b594996d7e97bb6434049da6847a6e2a6ecb2ced
a5e767be1cbb41ac4bfbed24cb276ae04341448348e6d5b8893656b5669966a9
a5e94d63dba889b4412cac73fb370f32a133ffa2fcac496d23e8c6657bb3c507
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af34237a192972deb44d32c8f526dec767b3c7a417257a7f0101ad5650b2192e
b13a1a4e8af2d311b90f19a03c492a5bb951f43d82e5ba22b07e0ffa7db6d937
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19df80af6f0ef82f62caa83de9ed0b447120fee77802912030e89766a8c5a44
b21cbeea85304790d5358e77e42b5c36283c426b4e078fe27d2dcc750f5fb31c
b486c52bf20f94a3b2e31d3f190eeba232da46688a62290cdfc755aac8e5ad63
b880bdfc7942ffe0e1546034cae16173a713d476c2fcb79cba3ca24c107da3fa
b91819f022c536b830d58562eb0589022032273de9010c0d8e6993a22ff1d8aa
baab8f5e60f897b1f35bc7e443cebd5eb0eeea45bfaa690cd105c31e78a7166c
bc3f98bb611b2b63d44c3fc30808de76447b0d821afb78075434c76a3b375f56
bea4d699b8253ce6d62a29b6617629b09d6d1bb0f125186c1b5652f2b26ce500
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
c087d9beaeff39e003ac053fa134f11f139cdcf44bc78c20de71d20610e10338
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c230d91accfeb496fc982360fdc224f5206c81d5d7414656cf05abbd4d7e9748
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca456850275a3f561a8197ebd12f7fd358cb4d7e09ece000b25c9db18b13c165
cb6e264b61d6eaca8ec5179eaf0fb415d8b4f37f7dd596933d8a2a4cd0afe6c8
cd6a3046caafc72dab8e4bd8ad1e3c0a828e1d8eceb60213794bd33ef8b013cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39f910d2eb61c84c28d28e7a43bf4e99e74ade608af519a982e648b02180aa6
d3bb646a270a09c0ccd57cfb033c1814f4f1b6c0d356ece55f917995ebff4d7f
d5770348b9b89ef448d1207339c5cb05c9c8307c7f14178b46951dd0ff082c01
d5e3d41683f3537e6590ff6b51cc471905352f5bfa0559ea39ea63d5bd601055
d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db33b8cbace74c3bc7e32ebb51dfcaf53eb87d4284c90d570cb699f311afe964
db3a4df47bb291d250896991731e154207df7b61e0e6a268b647e4613a122d47
e027623392bfcadf40afe247036e1c1ccfed68902172fc967a410698002fb509
e0fc97c59a01aa3b86b2454ffc1fc3f56e12b54bb495489b1c38954d6c3d4f50
e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e506883355a4e2a602e6c96aa453ba8329dc93a2ad68c1947243d6f670b45d14
e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b
e8f365e18796cb1211420c68c9af1d81c5c76d029b2b26247bdd53bb35bed29c
ead0da19ace10eea3a647047d2a7c4a979915c3c6fbe7c472f07bd3673334b02
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ee772365ce777dde44e83cb4e94b94c51302a7c33b3126b0b2e602e901cd1c31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f151594f7c5a7ef00f33831cc44b36ab10cd5e5a260bdd55ab347dcea7dcdb5d
fc94cf3f0be80900fadda2246c906cfc6562ed271aaba1679e6ed5f284bed462
fd125b52def4e681a8f750e23682733888df2663401258829a6a8140ef48a3e0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

ew.com Open in urlscan Pro 13.225.78.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

99 %HTTPS

41 %IPv6

47 Domains

81 Subdomains

69 IPs

9 Countries

2526 kBTransfer

8008 kBSize

73 Cookies

53 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ew.com Open in urlscan Pro
13.225.78.93 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

99 %
HTTPS

41 %
IPv6

47
Domains

81
Subdomains

69
IPs

9
Countries

2526 kB
Transfer

8008 kB
Size

73
Cookies

221 HTTP transactions
15 data transactions