www.nwtf.org Open in urlscan Pro
107.23.128.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nwtf.org/filmcontest
Submission: On September 04 via manual (September 4th 2021, 4:13:07 am UTC) from US

Summary HTTP 76 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 36 domains to perform 76 HTTP transactions. The main IP is 107.23.128.138, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.nwtf.org.
TLS certificate: Issued by R3 on August 2nd 2021. Valid for: 3 months.

This is the only time www.nwtf.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	107.23.128.138 107.23.128.138	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:224... 2600:9000:2240:5200:f:86b8:7140:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:1800:a:58f4:7d00:21	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	199.185.0.231 199.185.0.231	21592 (MULTIVIEW) (MULTIVIEW)
1	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
2 8	52.209.129.133 52.209.129.133	16509 (AMAZON-02) (AMAZON-02)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
17 23	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4232:5c22:542e:b1d3:5f9	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.108 13.32.121.108	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	3.228.45.187 3.228.45.187	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	18.66.97.6 18.66.97.6	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	52.211.195.119 52.211.195.119	16509 (AMAZON-02) (AMAZON-02)
76	43

4 107.23.128.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-128-138.compute-1.amazonaws.com

www.nwtf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:5200:f:86b8:7140:21 (United States)

ASN16509 (AMAZON-02, US)

d3gxcg0i30gmh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:1800:a:58f4:7d00:21 (United States)

ASN16509 (AMAZON-02, US)

d1x9a8onyzyjg4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.185.0.231 (United States)

ASN21592 (MULTIVIEW, US)

www.rumiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.209.129.133 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

multiview.122.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 159.253.128.188 (Amsterdam, Netherlands) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:5c22:542e:b1d3:5f9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.52.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.45.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-45-187.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.6 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.195.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	simpli.fi 17 redirects i.simpli.fi um.simpli.fi	15 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	459 KB
9	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	16 KB
6	doubleclick.net 5 redirects stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	1 KB
6	cloudfront.net d3gxcg0i30gmh1.cloudfront.net d1x9a8onyzyjg4.cloudfront.net	201 KB
4	nwtf.org www.nwtf.org	19 KB
3	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	3 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	google.com 1 redirects docs.google.com www.google.com	31 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	468 B
2	openx.net 1 redirects us-u.openx.net	481 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	agkn.com 1 redirects aa.agkn.com	735 B
2	tapad.com 1 redirects pixel.tapad.com	886 B
2	facebook.com www.facebook.com	294 B
2	2o7.net 1 redirects multiview.122.2o7.net	990 B
2	facebook.net connect.facebook.net	113 KB
2	adobedtm.com assets.adobedtm.com	38 KB
2	googletagmanager.com www.googletagmanager.com	96 KB
1	ml314.com ml314.com	422 B
1	adsrvr.org match.adsrvr.org	264 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	google.de www.google.de	108 B
1	googleadservices.com 1 redirects www.googleadservices.com	308 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	745 B
1	bfmio.com sync.bfmio.com	421 B
1	exelator.com loadm.exelator.com	324 B
1	intentiq.com sync.intentiq.com
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	rumiview.com www.rumiview.com	59 KB
0	multiview.com Failed sync.multiview.com Failed
76	36

	Domain	Requested by
23	um.simpli.fi	17 redirects
6	www.gstatic.com	docs.google.com www.gstatic.com
6	bcp.crwdcntrl.net	2 redirects www.nwtf.org tags.crwdcntrl.net bcp.crwdcntrl.net
4	cm.g.doubleclick.net	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	d3gxcg0i30gmh1.cloudfront.net	www.nwtf.org
4	www.nwtf.org	www.nwtf.org
3	fonts.googleapis.com	docs.google.com
3	www.google-analytics.com	www.nwtf.org www.googletagmanager.com www.google-analytics.com
2	secure.adnxs.com	2 redirects
2	sync.crwdcntrl.net	bcp.crwdcntrl.net
2	sync-tm.everesttech.net	2 redirects
2	us-u.openx.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	fei.pro-market.net	2 redirects
2	aa.agkn.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	1 redirects
2	www.facebook.com	www.nwtf.org
2	multiview.122.2o7.net	1 redirects www.nwtf.org
2	i.simpli.fi	assets.adobedtm.com i.simpli.fi
2	d1x9a8onyzyjg4.cloudfront.net	www.nwtf.org
2	docs.google.com	www.nwtf.org www.gstatic.com
2	connect.facebook.net	www.nwtf.org connect.facebook.net
2	assets.adobedtm.com	www.nwtf.org assets.adobedtm.com
2	www.googletagmanager.com	www.nwtf.org d3gxcg0i30gmh1.cloudfront.net
1	ml314.com	bcp.crwdcntrl.net
1	match.adsrvr.org	bcp.crwdcntrl.net
1	vars.hotjar.com	static.hotjar.com
1	pixel.rubiconproject.com
1	ib.adnxs.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	simplifi.partners.tremorhub.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ssl.gstatic.com	www.gstatic.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	tags.crwdcntrl.net	assets.adobedtm.com
1	www.rumiview.com	www.nwtf.org
0	sync.multiview.com Failed	www.nwtf.org
76	49

This site contains links to these domains. Also see Links.

Domain
your.nwtf.org
shop.nwtf.org
efw.nwtf.org
tv.nwtf.org
forms.gle
www.facebook.com
twitter.com
www.youtube.com
plus.google.com
www.linkedin.com
www.instagram.com
www.proteus.co
members.nwtf.org
nwtf.applicantpro.com

Subject Issuer	Validity	Valid
www.nwtf.org R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
www.rumiview.com Go Daddy Secure Certificate Authority - G2	`2021-02-09` - `2022-03-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.112.2o7.net DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-04-20`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.pro-market.net Gandi Standard SSL CA 2	`2020-07-22` - `2022-08-20`	2 years	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.nwtf.org/filmcontest
Frame ID: 5F8823DF2CB55349DFCD9C7A377464C1
Requests: 52 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true
Frame ID: DE914C0B51A071AFE5F13D3397C8C28C
Requests: 16 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Frame ID: 3B3F28C3C8859E007D6ACF0A462E6CE7
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: AF31D645088651F5E2DA0A25352DA5D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NWTF Film Contest

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\/s[_-]code.*\.js/i

Page Statistics

76
Requests

99 %
HTTPS

43 %
IPv6

36
Domains

49
Subdomains

43
IPs

6
Countries

1129 kB
Transfer

3235 kB
Size

4
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://your.nwtf.org/membership
Title: Become a Member

Search URL Search Domain Scan URL

URL: https://your.nwtf.org/donate
Title: Make a Donation

Search URL Search Domain Scan URL

URL: https://shop.nwtf.org/
Title: Shop

Search URL Search Domain Scan URL

URL: https://efw.nwtf.org/
Title: Energy For Wildlife

Search URL Search Domain Scan URL

URL: https://tv.nwtf.org/
Title: NWTF TV/Videos

Search URL Search Domain Scan URL

URL: https://your.nwtf.org/membership/step1.php
Title: Not yet a member, sign up today to take part in the Film Contest.

Search URL Search Domain Scan URL

URL: https://forms.gle/k1NCj8bkfgs9KuAD7
Title: Click here to access the form if it doesn't show on mobile

Search URL Search Domain Scan URL

URL: https://www.facebook.com/THENWTF
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NWTF_official
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NWTFonline
Title: YouTube

Search URL Search Domain Scan URL

URL: https://plus.google.com/104046251242479099883
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-national-wild-turkey-federation
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/official_nwtf/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.proteus.co/

Search URL Search Domain Scan URL

URL: https://members.nwtf.org/login.php
Title: Member Login

Search URL Search Domain Scan URL

URL: http://shop.nwtf.org/
Title: Shop NWTF

Search URL Search Domain Scan URL

URL: https://nwtf.applicantpro.com/jobs/
Title: Job Opportunities

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://bcp.crwdcntrl.net/5/c=12671/seg=36.2.1/seg=NWTF HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=36.2.1/seg=NWTF

Request Chain 23

https://multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/s33814294440801?AQB=1&ndh=1&t=4%2F8%2F2021%206%3A12%3A44%206%20-120&D=D%3D&fid=111F04645ECF0E3D-2495DFB36877E722&ce=UTF-8&ns=multiview&g=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&cc=USD&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/s33814294440801?AQB=1&pccr=true&vidn=3099791F608BC600-40000269FF50C14F&ndh=1&t=4%2F8%2F2021%206%3A12%3A44%206%20-120&D=D%3D&fid=111F04645ECF0E3D-2495DFB36877E722&ce=UTF-8&ns=multiview&g=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&cc=USD&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 45

https://bcp.crwdcntrl.net/5/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr

Request Chain 47

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=AB0603B1C376451D8224E7F4042170B1

Request Chain 48

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=AB0603B1C376451D8224E7F4042170B1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AB0603B1C376451D8224E7F4042170B1

Request Chain 49

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=AB0603B1C376451D8224E7F4042170B1 HTTP 302
https://um.simpli.fi/aa_px?sk=164990603899000016986

Request Chain 51

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AB0603B1C376451D8224E7F4042170B1

Request Chain 54

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=AB0603B1C376451D8224E7F4042170B1;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=AB0603B1C376451D8224E7F4042170B1;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NjgzOTA1OTU5OTAyMjU3MjA4MQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEK0XVkMvTp2u9mc-NZdMXD4&google_cver=1

Request Chain 55

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=AB0603B1C376451D8224E7F4042170B1&j=0

Request Chain 57

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=AB0603B1C376451D8224E7F4042170B1

Request Chain 58

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=AB0603B1C376451D8224E7F4042170B1

Request Chain 59

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1

Request Chain 60

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=AB0603B1C376451D8224E7F4042170B1 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=AB0603B1C376451D8224E7F4042170B1&dnr=1

Request Chain 61

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=AB0603B1C376451D8224E7F4042170B1

Request Chain 62

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1630728766726&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PvIyYbLZLoT57gPJ6quoAQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PvIyYbLZLoT57gPJ6quoAQ&random=2876967724 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PvIyYbLZLoT57gPJ6quoAQ&random=2876967724&ipr=y

Request Chain 63

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AB0603B1C376451D8224E7F4042170B1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AB0603B1C376451D8224E7F4042170B1&__user_check__=1&sync_id=5d1fcccf-0d36-11ec-b90a-1984e64b0406

Request Chain 64

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=AB0603B1C376451D8224E7F4042170B1

Request Chain 65

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AB0603B1C376451D8224E7F4042170B1&expires=365

Request Chain 66

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=AB0603B1C376451D8224E7F4042170B1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AB0603B1C376451D8224E7F4042170B1

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMnlKBgRs9XAIQ9W_hYq_QI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AB0603B1C376451D8224E7F4042170B1 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 69

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YTLyPgAERXz55QBg HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTLyPgAERXz55QBg&_test=YTLyPgAERXz55QBg

Request Chain 71

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1

Request Chain 73

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=51225801%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D51225801%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=51225801/tpid=2248635758542075910/tp=ANXS

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request filmcontest Show response
www.nwtf.org/ 24 KB
7 KB 522ms
169ms Document
text/html 107.23.128.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nwtf.org/filmcontest

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.128.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-128-138.compute-1.amazonaws.com

Software

Apache /

Resource Hash

30d6c31771f88c9e0d38f46dc10a06756ab15c0571ec0d48c0564bb59fb0496b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Host: www.nwtf.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:12:44 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
X-Request-ID: 04f7b70026a7a03f02b982d911a7bcd09a2c
Last-Modified: Wed, 01 Sep 2021 20:05:28 GMT
Expires: Sat, 04 Sep 2021 05:12:44 GMT
Cache-Control: public, max-age=3600
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: "ed7b04081cbcea65d1573c1047b4248b"
Strict-Transport-Security: max-age=604800
X-CMS-Info: scope=APPLICATION
Content-Type: text/html;charset=UTF-8
Content-Language: en
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK styles.css
www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/ 29 KB
8 KB 104ms
103ms Stylesheet
text/css 107.23.128.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.128.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-128-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 993cf5696ecfc110c753de0f8e335fa83d98eea58a0d966a86dc524e6a008f6a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.nwtf.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.nwtf.org/filmcontest
Connection: keep-alive
Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:12:44 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Jun 2021 22:10:26 GMT
Server: Apache
ETag: "2341%3A1426710903209%112y5%3A1625091026205%11"
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
Content-Disposition: inline; filename="styles.css"; filename*=UTF-8''styles.css
Connection: Keep-Alive
Keep-Alive: timeout=1, max=99
Expires: Mon, 04 Oct 2021 04:12:44 GMT

GET
H/1.1 200
OK MenuBean.css
www.nwtf.org/_resources/e30d:pxbk08-2y5/docroot/cms/css/ 2 KB
1 KB 236ms
102ms Stylesheet
text/css 107.23.128.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwtf.org/_resources/e30d:pxbk08-2y5/docroot/cms/css/MenuBean.css
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.128.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-128-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ada99493ddfb1953fe4c739a9df81c4a3e6d469bc88f0a213ec3437c283535c6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.nwtf.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.nwtf.org/filmcontest
Connection: keep-alive
Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:12:44 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 04 Sep 2019 18:14:32 GMT
Server: Apache
ETag: "1567620872000"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
Content-Disposition: inline; filename="MenuBean.css"; filename*=UTF-8''MenuBean.css
Connection: Keep-Alive
Keep-Alive: timeout=1, max=98
Expires: Mon, 04 Oct 2021 04:12:44 GMT

GET
H2 200 composite.js Show response
d3gxcg0i30gmh1.cloudfront.net/_resources/e30d:qcuuwd-2y5/jscrf/text/javascript%0E1%0Ffiles%1176712071za6790e7c%12files%111421349zaeddf2c7%12files%111421350zce1a7b22%12files%111421348zd9dac251%12fil... 126 KB
44 KB 42ms
9ms Script
text/javascript 2600:9000:2240:5200:f:86b8:7140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3gxcg0i30gmh1.cloudfront.net/_resources/e30d:qcuuwd-2y5/jscrf/text/javascript%0E1%0Ffiles%1176712071za6790e7c%12files%111421349zaeddf2c7%12files%111421350zce1a7b22%12files%111421348zd9dac251%12files%111421346z3e62ef56%12files%111421347z4965dfc0%12files%111421488z70209bd8/_fn/composite.js
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:f:86b8:7140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 131c56a2a8fb9b66423f0745ded0a67ecdf3d60310f32818a9c44ac73a5ec049

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 21:17:26 GMT
content-encoding: gzip
age: 197718
x-cache: Hit from cloudfront
content-disposition: inline; filename="composite.js"; filename*=UTF-8''composite.js
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jul 2020 18:48:13 GMT
server: Apache
etag: "1593715693689%111427207974237%111424448344450%111424448343170%111424448340927%111424448342149%111497364773210%11"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
via: 1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -fOOWHGvW1Eiii_lQRkqOoX1CNbWelEIfbaSiYhKv0RXBavtp6ZySQ==
expires: Fri, 01 Oct 2021 21:17:26 GMT

GET
H2 200 composite.js Show response
d3gxcg0i30gmh1.cloudfront.net/_resources/e30d:pxbk08-2y5/jscrf/text/javascript%0E1%0Fdocroot%11cms/js/bean/MenuBean.js%12docroot%11cms/js/cms-include.js/_fn/ 9 KB
3 KB 43ms
9ms Script
text/javascript 2600:9000:2240:5200:f:86b8:7140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3gxcg0i30gmh1.cloudfront.net/_resources/e30d:pxbk08-2y5/jscrf/text/javascript%0E1%0Fdocroot%11cms/js/bean/MenuBean.js%12docroot%11cms/js/cms-include.js/_fn/composite.js
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:f:86b8:7140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 69270ac2d649fbdcc1e60e6e04b87581bdc2a98ce66bbbdfa674f0643cbfd470

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:19:01 GMT
content-encoding: gzip
age: 201979
x-cache: Hit from cloudfront
content-disposition: inline; filename="composite.js"; filename*=UTF-8''composite.js
content-length: 3006
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Sep 2019 18:14:32 GMT
server: Apache
etag: "1567620872000%111567620872000%11"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
via: 1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: kpcT1PgsWAg-p8Dhjxqtth_aEgajdfLgxoxsM62yCeL93uZU16Is8A==
expires: Fri, 01 Oct 2021 20:06:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RXSR1X3PNB

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29c59136d48cb6c49cd8e82ea7d299e13abc9ebcdef18607934862b510f4bf19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51683
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:12:44 GMT

GET
H2 200 satelliteLib-db7f4d103f0a276746b0385f359a8721ee098320.js Show response
assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/ 73 KB
23 KB 21ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/satelliteLib-db7f4d103f0a276746b0385f359a8721ee098320.js
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9935fbba2ae840ff15629588a6df44bab23b78787629c5cf18520a43463b0f97

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:44 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 15:09:44 GMT
server: AkamaiNetStorage
etag: "235169c775cb68cb15c0358e071eb177:1602083384.749626"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nwtf.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 23282
expires: Sat, 04 Sep 2021 05:12:44 GMT

GET
H2 200 65b7-22204867-1512082021%20Film%20Contest%201542x333.jpg
d3gxcg0i30gmh1.cloudfront.net/ 125 KB
126 KB 13ms
13ms Image
image/jpeg 2600:9000:2240:5200:f:86b8:7140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3gxcg0i30gmh1.cloudfront.net/65b7-22204867-1512082021%20Film%20Contest%201542x333.jpg?versionId=djpM7HuzkAhfBtUBYu4tt6qjFwPOUWxn
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:f:86b8:7140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ab8a2aa77a6327f026a38ff8be759374895a37515166835579a24e45ea23f8

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 21:36:48 GMT
via: 1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
age: 23757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="1512082021+Film+Contest+1542x333.jpg"; filename*=UTF-8''1512082021+Film+Contest+1542x333.jpg
content-length: 128233
last-modified: Wed, 18 Aug 2021 18:23:45 GMT
server: AmazonS3
etag: "af271f6bee8f8059031636badb8ee08e"
x-amz-version-id: djpM7HuzkAhfBtUBYu4tt6qjFwPOUWxn
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: E89Xf0Vv7Eu3a_cQAvnMSchTuBYBQPHOD2E-OdvIKAkMdqK4kmpB0A==

GET
H/1.1 200
OK proteus-200x94.png
www.nwtf.org/_resources/e1h:ouwbui-2y5/image/75870152w100h47sc82c/_fn/ 2 KB
3 KB 430ms
340ms Image
image/png 107.23.128.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nwtf.org/_resources/e1h:ouwbui-2y5/image/75870152w100h47sc82c/_fn/proteus-200x94.png
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.128.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-128-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4c4cf33b07a8cfb23b9de5baa4cf245fd398d0a8ef75f054a4e0512d31f42c6b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.nwtf.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.nwtf.org/filmcontest
Connection: keep-alive
Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:12:44 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Aug 2017 19:37:30 GMT
Server: Apache
ETag: "150308505051775870152w100h47sc82c"
Content-Type: image/png
Cache-Control: public, max-age=3600
Content-Disposition: inline; filename="proteus-200x94.png"; filename*=UTF-8''proteus-200x94.png
Connection: Keep-Alive
Keep-Alive: timeout=1, max=97
Content-Length: 2490
Expires: Sat, 04 Sep 2021 05:12:44 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
45 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FQ4KQZ

Requested by

Host: d3gxcg0i30gmh1.cloudfront.net
URL: https://d3gxcg0i30gmh1.cloudfront.net/_resources/e30d:qcuuwd-2y5/jscrf/text/javascript%0E1%0Ffiles%1176712071za6790e7c%12files%111421349zaeddf2c7%12files%111421350zce1a7b22%12files%111421348zd9dac251%12files%111421346z3e62ef56%12files%111421347z4965dfc0%12files%111421488z70209bd8/_fn/composite.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a99cbf9f2583024baf70b4700fdd8e59cf75aa6b4fc95e08498658cea62bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46393
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Sep 2021 04:12:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2425
date: Sat, 04 Sep 2021 03:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 04 Sep 2021 05:32:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: PS5nV/nlfB4X8AItmpWp5N8zHxQTZ5lhbhOyaD2xzQAJs/np0ZnQiSgqV94yzOJxJJyGwd9UBxrTcUWUYkWR0w==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 04 Sep 2021 04:12:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 viewform Show response
docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/ Frame DE91 121 KB
30 KB 394ms
373ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbc9b0efd76e51e1568b05ba966f2476b638e207221c07f0ce960415c8145c4d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-/vNE6xl7gY/U+MltxcU4GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.google.com
:scheme: https
:path: /forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nwtf.org/filmcontest
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.nwtf.org/filmcontest

Response headers

content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Sep 2021 04:12:45 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-/vNE6xl7gY/U+MltxcU4GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=222=g51GxMCcMmg6xUf0eaWl1CTU3HJuwzUmhB2mlru4306daKJ9RLxXMAUJTj837aiGJ0NChTgfxxH-z8GKJCNyHFU4f1E76oQlstLHwy8jhkzDEbn7nWDVJdordwLXClipuFKtsKQvGRwZLtMJG3xlW9qMnW9VlHP_0Vwjw6CLWIk; expires=Sun, 06-Mar-2022 04:12:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none S=spreadsheet_forms=sydKhr8ohPx2A_AHqvX_2c9v272tQYspjc94AbEeZD4; Domain=.docs.google.com; Expires=Sat, 04-Sep-2021 05:12:45 GMT; Path=/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3151-0327141-bg-header-quick-links.jpg
d1x9a8onyzyjg4.cloudfront.net/ 11 KB
11 KB 112ms
8ms Image
image/jpeg 2600:9000:223c:1800:a:58f4:7d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1x9a8onyzyjg4.cloudfront.net/3151-0327141-bg-header-quick-links.jpg?versionId=MxXaVWVgbUho8COvt3AId3mAz7cE6Rsw
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1800:a:58f4:7d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e4c8611f960efa7b4a8c7341d3548cf46b6651784e2018f6a5b6435ff8509e7

Request headers

Referer: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: MxXaVWVgbUho8COvt3AId3mAz7cE6Rsw
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
etag: "153a3a4cfa49e634c06b0c497d714378"
age: 205034
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="bg-header-quick-links.jpg"; filename*=UTF-8''bg-header-quick-links.jpg
content-length: 10890
last-modified: Wed, 08 Aug 2018 14:47:09 GMT
server: AmazonS3
date: Wed, 01 Sep 2021 19:15:31 GMT
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: jX1h_XGBtMbQIYaysmKnMgg2YlAcmLPX1CHuSvqXwr4aC7KQ0sQBOg==

GET
H2 200 c2f1-80352867-nwtf-Vert-logo-120x85.png
d1x9a8onyzyjg4.cloudfront.net/ 4 KB
4 KB 111ms
8ms Image
image/png 2600:9000:223c:1800:a:58f4:7d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1x9a8onyzyjg4.cloudfront.net/c2f1-80352867-nwtf-Vert-logo-120x85.png?versionId=Ws.jgUW9TnmMU3qWFTZSZSSm8CqPhIS6
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1800:a:58f4:7d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e1752eb080860f4b7aafd3a73e84c715498aa3d77e2de7adb31f87ae1e367a1

Request headers

Referer: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Ws.jgUW9TnmMU3qWFTZSZSSm8CqPhIS6
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
etag: "ad8330b703192501766234ead595531e"
age: 259160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="nwtf-Vert-logo-120x85.png"; filename*=UTF-8''nwtf-Vert-logo-120x85.png
content-length: 3595
last-modified: Wed, 30 Jun 2021 22:08:53 GMT
server: AmazonS3
date: Wed, 01 Sep 2021 04:13:25 GMT
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: dgkWhKSLzxU7_PzoTM9YlJUHowIWJQsMKcbbiLJryhpTSs4DWVXSBQ==

GET
H2 200 1202-9178141-social-icons.png
d3gxcg0i30gmh1.cloudfront.net/ 12 KB
13 KB 9ms
7ms Image
image/png 2600:9000:2240:5200:f:86b8:7140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3gxcg0i30gmh1.cloudfront.net/1202-9178141-social-icons.png?versionId=EDUTUIQQezjDWqSNBcXtAIg.A6T2IUeq
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:f:86b8:7140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b08cf1566edb4ae3bb1c39caf5aa53abdbdf3061117d8f982370dfaf6562dea

Request headers

Referer: https://www.nwtf.org/_resources/e30d:qvjc9e-2y5/csscrf/text/css%0E1%0Fl%112341%12css%112y5%3A1422243z5d7fde00/_fn/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:15:36 GMT
via: 1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
age: 410229
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="social-icons.png"; filename*=UTF-8''social-icons.png
content-length: 12277
last-modified: Wed, 08 Aug 2018 14:47:10 GMT
server: AmazonS3
etag: "102cb66a9b34ef55433c779c67b3c258"
x-amz-version-id: EDUTUIQQezjDWqSNBcXtAIg.A6T2IUeq
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: vmJTdaeGs7N5ah48cGNBHAhkTavpAbA5CwyHC7FkSxieoR8Pa5ConQ==

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 173ms
46ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=5629&action=100&segment=MVPartner_AS_NWTF&m=1&sifi_tuid=37654

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/satelliteLib-db7f4d103f0a276746b0385f359a8721ee098320.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sat, 04 Sep 2021 04:12:44 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FqGDK_f_-Vrvsu0ZxnqB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RXSR1X3PNB&gtm=2oe910&_p=82694900&sr=1600x1200&ul=en-us&cid=417980646.1630728765&_s=1&dl=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&dt=NWTF%20Film%20Contest&sid=1630728764&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RXSR1X3PNB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nwtf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK c419df21-73b7-4a82-bea9-48e2f639a8ed.js Show response
www.rumiview.com/containers/ 217 KB
59 KB 588ms
160ms Script
application/javascript 199.185.0.231
MULTIVIEW

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rumiview.com/containers/c419df21-73b7-4a82-bea9-48e2f639a8ed.js
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.185.0.231 , United States, ASN21592 (MULTIVIEW, US),
Reverse DNS
Software: /
Resource Hash: 5e0974fad03d077a1c7b2601d3ff8a7244019b649ca88a23ea4aeb1b4f037b65

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Cookie
cache-control: public, must-revalidate, max-age=360
x-robots-tag: none
transfer-encoding: chunked
content-type: application/javascript; charset=utf-8

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12671/ 38 KB
11 KB 1855ms
1854ms Script
application/json 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/satelliteLib-db7f4d103f0a276746b0385f359a8721ee098320.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acb3e087bf88bc402af84692e40976e36b616a4e1d1d6aee0dfc0bf1fbc202e5

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 03 Sep 2021 19:06:55 GMT
content-encoding: gzip
etag: W/"ff18e6fc31140cf7579fc518ef2c226d"
last-modified: Wed, 11 Mar 2020 04:14:07 GMT
server: AmazonS3
age: 32782
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: A1Y76NpW15dTtNQQGDyNUwpYjpk65h2YckDI8obJ7CkLrbAWCz3tIg==

GET
H2

200

seg=NWTF
bcp.crwdcntrl.net/5/ct=y/c=12671/seg=36.2.1/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12671/seg=36.2.1/seg=NWTF
https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=36.2.1/seg=NWTF

49 B
840 B

55ms
55ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=36.2.1/seg=NWTF
Requested by: Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.18
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=12671/seg=36.2.1/seg=NWTF
cache-control: no-cache
x-server: 10.45.0.52
content-length: 0
expires: 0

GET
H2 200 s-code-contents-d25d3d99221e2b596cb5a48ab95d4ee97e3c20f4.js Show response
assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/ 39 KB
15 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/s-code-contents-d25d3d99221e2b596cb5a48ab95d4ee97e3c20f4.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c876840ac68fc41c08a580a3fb1869c51ca83380/satelliteLib-db7f4d103f0a276746b0385f359a8721ee098320.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8b260fb1f8d40f33abe016333485d9e9b8e743af3711ca620a3ea472157df8de

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:44 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 15:09:44 GMT
server: AkamaiNetStorage
etag: "aa29fb2d6673aef8d3d3e66a0de8e4f1:1602083384.97827"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nwtf.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 14662
expires: Sat, 04 Sep 2021 05:12:44 GMT

GET 200
sync.multiview.com/sync/pid/ 0
0

GET
H3-29 200 1778695445779604 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1778695445779604?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25851e658c11749af64e1bfdb273f29de193deb1fd33a8ffdfed03701a4ef3cc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: w9Qsrp8irWrK548BjmZXUmzFil09gdaTHTnHAdIi70icw5oLfosgbtOh9OiEHUvpouBwTPDQU3qY21whfn/XgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 04 Sep 2021 04:12:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

s33814294440801
multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/
Redirect Chain

https://multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/s33814294440801?AQB=1&ndh=1&t=4%2F8%2F2021%206%3A12%3A44%206%20-120&D=D%3D&fid=111F04645ECF0E3D-2495DFB36877E722&ce=UTF-8&ns=multiview&...
https://multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/s33814294440801?AQB=1&pccr=true&vidn=3099791F608BC600-40000269FF50C14F&ndh=1&t=4%2F8%2F2021%206%3A12%3A44%206%20-120&D=D%3D&fid=111F046...

43 B
293 B

32ms
31ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/s33814294440801?AQB=1&pccr=true&vidn=3099791F608BC600-40000269FF50C14F&ndh=1&t=4%2F8%2F2021%206%3A12%3A44%206%20-120&D=D%3D&fid=111F04645ECF0E3D-2495DFB36877E722&ce=UTF-8&ns=multiview&g=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&cc=USD&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 05 Sep 2021 04:12:46 GMT
server: jag
xserver: anedge-f47784dbf-clv8n
etag: 3501963360568836096-4619855758640340315
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 03 Sep 2021 04:12:46 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Sep 2021 04:12:46 GMT
server: jag
access-control-allow-origin: *
xserver: anedge-f47784dbf-tbrzk
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
location: https://multiview.122.2o7.net/b/ss/mviewwebnwtf/1/H.27.5-D7QN/s33814294440801?AQB=1&pccr=true&vidn=3099791F608BC600-40000269FF50C14F&ndh=1&t=4%2F8%2F2021%206%3A12%3A44%206%20-120&D=D%3D&fid=111F04645ECF0E3D-2495DFB36877E722&ce=UTF-8&ns=multiview&g=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&cc=USD&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 03 Sep 2021 04:12:46 GMT

GET
H2 200 hotjar-1876288.js Show response
static.hotjar.com/c/ 4 KB
2 KB 116ms
56ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1876288.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FQ4KQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9014f5aeb4efe499919303061fcfc91724922c970f248198bbf44ee3ca007690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 9
etag: W/39667610aaa85fc0ad4316a3537f44d8
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
content-length: 1910
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id: 7beQ57X77DIJ_JM3aJXhQyjo-gr6Q5ynnKe_qSWw1cyOr6ALNHOzNg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1778695445779604&ev=PageView&dl=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&rl=&if=false&ts=1630728764999&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630728764995.399749382&it=1630728764864&coo=false&exp=p1&rqm=GET

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 04 Sep 2021 04:12:45 GMT

GET
H2 200 modules.32d4d6c361d45587f461.js Show response
script.hotjar.com/ 221 KB
59 KB 844ms
61ms Script
application/javascript 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.32d4d6c361d45587f461.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1876288.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

06009f7eeb9f8524ea331e672cab99b44167badae53c6ac33aadc4d29b42b1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 10:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59572
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 10:16:34 GMT
etag: "3160769f38fdb6aa7f9b79e9033d46a8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NYm0vL_3gJJ8rs9AGvaBgZlpw4kizpp3qY1IsQQ1dbUNRuwffVAOCQ==

GET
H2 200 icon
fonts.googleapis.com/ Frame DE91 616 B
475 B 23ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a3c59aade7ee61fda39bb37b9bb0f14755878b73a6e49cda87df19ab9bfadf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 04:12:45 GMT
server: ESF
date: Sat, 04 Sep 2021 04:12:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Sep 2021 04:12:45 GMT

GET
H2 200 rs=AMjVe6j_j8WUNDQjOm1asjZzqqDV1ymd9g
www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1ndahvgp9we20.L.W.O/d=1/ Frame DE91 402 KB
49 KB 17ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1ndahvgp9we20.L.W.O/d=1/rs=AMjVe6j_j8WUNDQjOm1asjZzqqDV1ymd9g

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4707dd31d9f4f00972f4ea9829eb2cfebc84b0d32180839554cb4202c51bebc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 05:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49996
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 18:27:36 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 05:15:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DE91 13 KB
1 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e2633b749310981ac845b0b710780cbe5cfc7edf311994493cf2df8c52cbe86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 03:30:19 GMT
server: ESF
date: Sat, 04 Sep 2021 04:12:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Sep 2021 04:12:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DE91 1 KB
542 B 30ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 03:43:30 GMT
server: ESF
date: Sat, 04 Sep 2021 04:12:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Sep 2021 04:12:45 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DE91 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options: nosniff
age: 208962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:10:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DE91 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 10:59:45 GMT
x-content-type-options: nosniff
age: 61980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 10:59:45 GMT

GET
H3-29 200 googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame DE91 1 KB
1 KB 16ms
14ms Image
image/svg+xml 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 23:53:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 274767
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1510
x-xss-protection: 0
expires: Wed, 31 Aug 2022 23:53:18 GMT

GET
H3-29 200 m=viewer_base Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=1/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/ Frame DE91 338 KB
110 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=1/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=viewer_base

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66907f599a3927b420687be23d0bdfcb9575c624345e3000bb65b3a1e52b480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112109
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:49:33 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 18:37:59 GMT

GET
H2 200 qp_sprite147.svg
ssl.gstatic.com/docs/forms/ Frame DE91 113 KB
13 KB 38ms
7ms Image
image/svg+xml 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/forms/qp_sprite147.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1ndahvgp9we20.L.W.O/d=1/rs=AMjVe6j_j8WUNDQjOm1asjZzqqDV1ymd9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5619e988db22ffaee92a69f342383d0c997836bba93eb317293276c1b5e08c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 20:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 286167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 20:43:18 GMT

GET
H3-29 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v13/ Frame DE91 34 KB
34 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 14:34:36 GMT
x-content-type-options: nosniff
age: 567489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35140
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 14:34:36 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DE91 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options: nosniff
age: 208962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:10:03 GMT

GET
H3-29 200 m=MpJwZc,n73qwf,NpD4ec,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy1c,sy2v,sy2w,V3dDOb,sy2i,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy19,sy18,OShpD,syw,sy14,sy1d,sy11,sy1e,sy1m,sy3t,A4UTCb,sy2,xiqF3,owcnme,De38hd,sy22,... Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=0/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/ Frame DE91 382 KB
120 KB 21ms
7ms XHR
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=0/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=MpJwZc,n73qwf,NpD4ec,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy1c,sy2v,sy2w,V3dDOb,sy2i,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy19,sy18,OShpD,syw,sy14,sy1d,sy11,sy1e,sy1m,sy3t,A4UTCb,sy2,xiqF3,owcnme,De38hd,sy22,Sk9apb,J8mJTc,UUJqVe,CP1oW,syi,syg,sy1r,sy15,sy1s,sy2k,pxq3x,syu,sy2j,O6y8ed,sy32,sy3i,sy33,syb,sy3j,sy3s,Xhpexc,Q91hve,sy9,sy3,sy2o,sy2p,mRfQQ,sy3e,sy3d,CFa0o,sy3u,VXdfxd,sy36,sy37,sy34,sy3a,sy35,sy38,sy3b,Y9atKf,sy39,sy3c,s39S4,sy1p,ENNBBf,syr,L1AAkb,sy1a,KUM7Z,QvB8bb,bCfhJc,sy2l,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2s,sy2t,sy2u,I6YDgd,sy3v,N5Lqpc,sy1g,sy1h,sy1b,sy1i,sy1j,sy1t,uiNkee,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5c,sy5d,sy5e,xQtZb,IvDHfc,sy31,sy3w,sy30,sy3p,EcW08c,sy3x,sy3y,t8tqF,sy13,p2tbsc,d8PXFf,atgb9d,sy1v,sy1w,sy1x,sy1y,LxALBf,rHjpXd,sy49,SM1lmd,QwQO1b,WdhPgc,JCrucd,ok0nye,sy45,sy2y,sy2q,sy3k,sy44,sy46,sy47,sy2z,sy3f,sy3l,sy43,sy3g,sy40,sy41,sy42,sy3m,sy3n,sy3o,sy3q,sy3z,sbHRWb,RGrRJf,OkF2xb,oZECf,sy3r,hYei2d,pFu8T,sy17,TOfxwf,sy4c,sy4d,sy4m,lSvzH,yUS4Lc,KOZzeb,sy48,oCiKKc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=1/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=viewer_base

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8e88ee1bb4ca02facd8f6d925607f71fe12d37f8499397e948921389d0172c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 16:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122941
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:49:33 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 16:28:08 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame DE91 78 KB
28 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=0/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=MpJwZc,n73qwf,NpD4ec,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy1c,sy2v,sy2w,V3dDOb,sy2i,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy19,sy18,OShpD,syw,sy14,sy1d,sy11,sy1e,sy1m,sy3t,A4UTCb,sy2,xiqF3,owcnme,De38hd,sy22,Sk9apb,J8mJTc,UUJqVe,CP1oW,syi,syg,sy1r,sy15,sy1s,sy2k,pxq3x,syu,sy2j,O6y8ed,sy32,sy3i,sy33,syb,sy3j,sy3s,Xhpexc,Q91hve,sy9,sy3,sy2o,sy2p,mRfQQ,sy3e,sy3d,CFa0o,sy3u,VXdfxd,sy36,sy37,sy34,sy3a,sy35,sy38,sy3b,Y9atKf,sy39,sy3c,s39S4,sy1p,ENNBBf,syr,L1AAkb,sy1a,KUM7Z,QvB8bb,bCfhJc,sy2l,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2s,sy2t,sy2u,I6YDgd,sy3v,N5Lqpc,sy1g,sy1h,sy1b,sy1i,sy1j,sy1t,uiNkee,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5c,sy5d,sy5e,xQtZb,IvDHfc,sy31,sy3w,sy30,sy3p,EcW08c,sy3x,sy3y,t8tqF,sy13,p2tbsc,d8PXFf,atgb9d,sy1v,sy1w,sy1x,sy1y,LxALBf,rHjpXd,sy49,SM1lmd,QwQO1b,WdhPgc,JCrucd,ok0nye,sy45,sy2y,sy2q,sy3k,sy44,sy46,sy47,sy2z,sy3f,sy3l,sy43,sy3g,sy40,sy41,sy42,sy3m,sy3n,sy3o,sy3q,sy3z,sbHRWb,RGrRJf,OkF2xb,oZECf,sy3r,hYei2d,pFu8T,sy17,TOfxwf,sy4c,sy4d,sy4m,lSvzH,yUS4Lc,KOZzeb,sy48,oCiKKc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb953a129c519ab5b61343a78dec39d6421f93f36962cb97a6d3a0e4586bedf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 03:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 06:25:20 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Sep 2021 04:13:48 GMT

GET
H2 200 m=sy3h,sWGJ4b,syo,syn,syp,sy4i,EGNJFf,iSvg6e,sy4h,uY3Nvd Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=0/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/ Frame DE91 46 KB
46 KB 8ms
6ms XHR
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=0/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=sy3h,sWGJ4b,syo,syn,syp,sy4i,EGNJFf,iSvg6e,sy4h,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=1/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bd364156128294c03b3bca785db4b9e61812c413d2c562f1beec5d63117ea81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 15:31:18 GMT
x-content-type-options: nosniff
age: 132087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46861
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:49:33 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Sep 2022 15:31:18 GMT

POST
H2 204 naLogImpressions Show response
docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/ Frame DE91 0
432 B 122ms
122ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/naLogImpressions

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.L3SMDwCVJTE.O/d=1/rs=AMjVe6jHeaNbzytHl4uXEXhKbnb3zzAhKw/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-hLU2+zLRkPwxOGKUGFHUqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/e/1FAIpQLSffK-frAzqVcWgHsE3prb_zNPoh8UZup8UaU_6aiqAc5Ic02A/viewform?embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:45 GMT
server: GSE
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-hLU2+zLRkPwxOGKUGFHUqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1778695445779604&ev=Microdata&dl=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&rl=&if=false&ts=1630728766561&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NWTF%20Film%20Contest%22%2C%22meta%3Adescription%22%3A%22The%20National%20Wild%20Turkey%20Federation%20(NWTF)%20is%20a%20national%20nonprofit%20conservation%20and%20hunting%20organization%20that%20has%20worked%20for%20the%20conservation%20of%20the%20wild%20turkey%20and%20preservation%20of%20the%20hunting%20tradition%20since%201973.%22%2C%22meta%3Akeywords%22%3A%22turkey%20hunting%2C%20wild%20turkey%20hunting%2C%20turkey%20photos%2C%20wild%20turkey%20restoration%2C%20turkey%20populations%2C%20turkey%20relocation%2C%20hunting%2C%20conservation%2C%20conservation%20groups%2C%20spring%20turkey%20hunting%2C%20north%20america%2C%20wild%20turkey%20populations%2C%20youth%20hunting%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630728766560.369614198&it=1630728764864&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.nwtf.org
URL: https://www.nwtf.org/filmcontest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 04 Sep 2021 04:12:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
87 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=82694900&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nwtf.org%2Ffilmcontest&ul=en-us&de=UTF-8&dt=NWTF%20Film%20Contest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABAAAAAC~&jid=27372219&gjid=419283231&cid=417980646.1630728765&tid=UA-1757422-1&_gid=1499942463.1630728765&_r=1&_slc=1&z=1314202480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nwtf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 746 B
2 KB 28ms
28ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=5629&action=100&segment=MVPartner_AS_NWTF&m=1&sifi_tuid=37654

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9f949a2832145c1d24fa6a5dc95ffa8e792b9cf71c6afd4c30d8de80de1660c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20... Frame 3B3F
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section...
https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Se...

1 KB
2 KB

58ms
57ms

Document
text/html

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12671/cc.js?ns=_cc12671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e689c88daab6d4ad066224b75bb5a67a8715d8f150ab136d286fae74bd6f7705

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nwtf.org/filmcontest
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.nwtf.org/filmcontest

Response headers

date: Sat, 04 Sep 2021 04:12:46 GMT
content-type: text/html;charset=utf-8
content-length: 1405
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.6.64
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 01-Jun-2022 04:06:00 GMT;SameSite=None;Secure _cc_id=3a3bef33f56296bdbd72261ce1e01ff3;Path=/;Domain=crwdcntrl.net;Expires=Wed, 01-Jun-2022 04:06:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQME40TkpNMzZOMzUzsjRLSklKMTcyMjNMTjVMNTBMSzNmAIJEo092%2F%2F7%2F%2F88P4oAB37fvnyQY%2Fycx%2FGdkZPiCxD4waYkOTHzyH4Sa45umsMDEny2eA2efO3qIGSa%2Be99lARj7MJKad0sQ6s%2BcVIcp2bXhKTeMfeiLJYzZOfmkFowNAL%2FjUF8%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 01-Jun-2022 04:06:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBINPpkB6QggImB9TQziMn6%2BRSQBABArQRb";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 01-Jun-2022 04:06:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Sat, 04 Sep 2021 04:12:46 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.26.20
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1757422-1&cid=417980646.1630728765&jid=27372219&gjid=419283231&_gid=1499942463.1630728765&_u=KADAAEAAAAAAAC~&z=1982365662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 04 Sep 2021 04:12:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.nwtf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=AB0603B1C376451D8224E7F4042170B1

43 B
183 B

293ms
93ms

Image
image/gif

2600:1f18:612b:4232:5c22:542e:b1d3:5f9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=AB0603B1C376451D8224E7F4042170B1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:5c22:542e:b1d3:5f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:47 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:46 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=AB0603B1C376451D8224E7F4042170B1
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AB0603B1C376451D8224E7F4042170B1

95 B
425 B

25ms
24ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AB0603B1C376451D8224E7F4042170B1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:47 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=AB0603B1C376451D8224E7F4042170B1
date: Sat, 04 Sep 2021 04:12:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=AB0603B1C376451D8224E7F4042170B1
https://um.simpli.fi/aa_px?sk=164990603899000016986

43 B
409 B

27ms
27ms

Image
image/gif

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164990603899000016986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 03 Sep 2021 04:12:48 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:48 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164990603899000016986
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 335ms
333ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 03 Sep 2021 04:12:46 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AB0603B1C376451D8224E7F4042170B1

0
0

1266ms
21ms

Image
text/html

13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AB0603B1C376451D8224E7F4042170B1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:46 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 336ms
333ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 03 Sep 2021 04:12:46 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 28ms
27ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=AB0603B1C376451D8224E7F4042170B1;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=AB0603B1C376451D8224E7F4042170B1;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NjgzOTA1OTU5OTAyMjU3MjA4MQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEK0XVkMvTp2u9mc-NZdMXD4&google_cver=1

43 B
392 B

32ms
14ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEK0XVkMvTp2u9mc-NZdMXD4&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEK0XVkMvTp2u9mc-NZdMXD4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=AB0603B1C376451D8224E7F4042170B1&j=0

0
324 B

322ms
320ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=AB0603B1C376451D8224E7F4042170B1&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: nginx
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=AB0603B1C376451D8224E7F4042170B1&j=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 27ms
27ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=AB0603B1C376451D8224E7F4042170B1

0
421 B

665ms
103ms

Image
text/plain

3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=AB0603B1C376451D8224E7F4042170B1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-45-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 04 Sep 2021 04:12:47 GMT

Redirect headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=AB0603B1C376451D8224E7F4042170B1

62 B
745 B

449ms
389ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=AB0603B1C376451D8224E7F4042170B1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:12:47 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: fe61
Content-Type: image/gif

Redirect headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H2

200

tpid=AB0603B1C376451D8224E7F4042170B1
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1

49 B
263 B

492ms
492ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.52
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: nginx
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=AB0603B1C376451D8224E7F4042170B1
https://ce.lijit.com/merge?pid=2&3pid=AB0603B1C376451D8224E7F4042170B1&dnr=1

0
433 B

247ms
246ms

Image
text/plain

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=AB0603B1C376451D8224E7F4042170B1&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:12:47 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:12:47 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=AB0603B1C376451D8224E7F4042170B1&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=AB0603B1C376451D8224E7F4042170B1

0
66 B

1114ms
37ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=AB0603B1C376451D8224E7F4042170B1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1630728766726&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
108 B

23ms
23ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PvIyYbLZLoT57gPJ6quoAQ&random=2876967724&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=387819470&cv=7&fst=1630728766726&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=PvIyYbLZLoT57gPJ6quoAQ&random=2876967724&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AB0603B1C376451D8224E7F4042170B1
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AB0603B1C376451D8224E7F4042170B1&__user_check__=1&sync_id=5d1fcccf-0d36-11ec-b90a-1984e64b0406

43 B
548 B

28ms
28ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=AB0603B1C376451D8224E7F4042170B1&__user_check__=1&sync_id=5d1fcccf-0d36-11ec-b90a-1984e64b0406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:12:48 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 62
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 04 Sep 2021 04:12:48 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=AB0603B1C376451D8224E7F4042170B1&__user_check__=1&sync_id=5d1fcccf-0d36-11ec-b90a-1984e64b0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 114
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=AB0603B1C376451D8224E7F4042170B1

43 B
1009 B

2297ms
1811ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=AB0603B1C376451D8224E7F4042170B1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:12:48 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 96ee502a-8b89-4da9-a801-db73d22e8bd3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
server: nginx
location: https://ib.adnxs.com/setuid?entity=66&code=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:47 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AB0603B1C376451D8224E7F4042170B1&expires=365

0
239 B

102ms
26ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AB0603B1C376451D8224E7F4042170B1&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

date: Sat, 04 Sep 2021 04:12:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=AB0603B1C376451D8224E7F4042170B1&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=AB0603B1C376451D8224E7F4042170B1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AB0603B1C376451D8224E7F4042170B1

43 B
180 B

25ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AB0603B1C376451D8224E7F4042170B1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:48 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=AB0603B1C376451D8224E7F4042170B1
date: Sat, 04 Sep 2021 04:12:48 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEMnlKBgRs9XAIQ9W_hYq_QI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AB0603B1C376451D8224E7F4042170B1
https://um.simpli.fi/g_match?id=

0
320 B

29ms
29ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nwtf.org/filmcontest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:12:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Sep 2021 04:12:47 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame AF31 2 KB
1 KB 105ms
48ms Document
text/html 18.66.97.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1876288.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nwtf.org/filmcontest
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.nwtf.org/filmcontest

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: dY8Ag0OssbRGWcdVLOVUD9-qoLSHe68DkCe4VfI6veFqPeO5sP8t3A==
age: 4161376

GET
H2

200

tpid=YTLyPgAERXz55QBg&_test=YTLyPgAERXz55QBg
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 3B3F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YTLyPgAERXz55QBg
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTLyPgAERXz55QBg&_test=YTLyPgAERXz55QBg

49 B
264 B

40ms
38ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTLyPgAERXz55QBg&_test=YTLyPgAERXz55QBg
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.220
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630728767.171253,VS0,VE0
x-served-by: cache-fra19150-FRA
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTLyPgAERXz55QBg&_test=YTLyPgAERXz55QBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3B3F 70 B
264 B 38ms
36ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

tpid=AB0603B1C376451D8224E7F4042170B1
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 3B3F
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1

49 B
264 B

42ms
40ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.20
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Sat, 04 Sep 2021 04:12:46 GMT
x-content-type-options: nosniff
server: nginx
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AB0603B1C376451D8224E7F4042170B1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 03 Sep 2021 04:12:46 GMT

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 3B3F 43 B
422 B 132ms
33ms Image
image/gif 52.211.195.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=3a3bef33f56296bdbd72261ce1e01ff3&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:12:46 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sun, 05 Sep 2021 00:12:46 GMT

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=51225801/tpid=2248635758542075910/ Frame 3B3F
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=51225801%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D51225801%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=51225801/tpid=2248635758542075910/tp=ANXS

49 B
264 B

42ms
42ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=51225801/tpid=2248635758542075910/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.18
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:12:46 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cade80c6-31c9-41e8-a17b-3978bba85d74
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=51225801/tpid=2248635758542075910/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 3B3F 103 B
416 B 2051ms
114ms Script
application/json 3.120.52.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12671/rand=671575283/pv=y/seg=36.2.1/seg=NWTF/int=%23OpR%2382957%23www.nwtf.org%20%3A%20Total%20Site%20Traffic/int=%23OpR%2382958%23www.nwtf.org%20%3A%20Site%20Section%20%3A%20filmcontest/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:12:48 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.multiview.com
URL: https://sync.multiview.com/sync/pid/200

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nwtf.org/	1970-01-19 23:08:24	Name: _fbp Value: fb.1.1630728766560.369614198
.nwtf.org/	1970-01-19 20:58:50	Name: _hjFirstSeen Value: 1
.nwtf.org/	1970-01-19 20:58:48	Name: _gat Value: 1
.nwtf.org/	1970-01-20 05:44:24	Name: _hjid Value: 6bb31aaf-4acf-48b4-8fff-f2195b8a0b57

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
assets.adobedtm.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d1x9a8onyzyjg4.cloudfront.net
d3gxcg0i30gmh1.cloudfront.net
docs.google.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
match.adsrvr.org
ml314.com
multiview.122.2o7.net
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
script.hotjar.com
secure.adnxs.com
simplifi.partners.tremorhub.com
ssl.gstatic.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.bfmio.com
sync.crwdcntrl.net
sync.intentiq.com
sync.multiview.com
sync.search.spotxchange.com
tags.crwdcntrl.net
um.simpli.fi
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.nwtf.org
www.rumiview.com
sync.multiview.com
104.111.215.191
107.23.128.138
13.248.242.197
13.32.121.108
13.36.218.177
142.250.185.130
142.250.186.66
151.101.14.49
159.253.128.188
169.50.137.176
18.66.112.111
18.66.97.10
18.66.97.109
18.66.97.6
185.94.180.126
199.185.0.231
2600:1901:0:8eee::
2600:1f18:612b:4232:5c22:542e:b1d3:5f9
2600:9000:223c:1800:a:58f4:7d00:21
2600:9000:2240:5200:f:86b8:7140:21
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:809::200e
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9b
2a02:26f0:6c00:299::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.120.52.200
3.228.45.187
35.227.248.159
35.244.159.8
35.244.174.68
37.252.172.38
52.209.129.133
52.211.195.119
54.78.254.47
69.173.144.138
72.251.249.14
06009f7eeb9f8524ea331e672cab99b44167badae53c6ac33aadc4d29b42b1e9
0a99cbf9f2583024baf70b4700fdd8e59cf75aa6b4fc95e08498658cea62bc77
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131c56a2a8fb9b66423f0745ded0a67ecdf3d60310f32818a9c44ac73a5ec049
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1e1752eb080860f4b7aafd3a73e84c715498aa3d77e2de7adb31f87ae1e367a1
25851e658c11749af64e1bfdb273f29de193deb1fd33a8ffdfed03701a4ef3cc
29c59136d48cb6c49cd8e82ea7d299e13abc9ebcdef18607934862b510f4bf19
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d6c31771f88c9e0d38f46dc10a06756ab15c0571ec0d48c0564bb59fb0496b
32ab8a2aa77a6327f026a38ff8be759374895a37515166835579a24e45ea23f8
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4707dd31d9f4f00972f4ea9829eb2cfebc84b0d32180839554cb4202c51bebc7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4cf33b07a8cfb23b9de5baa4cf245fd398d0a8ef75f054a4e0512d31f42c6b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5619e988db22ffaee92a69f342383d0c997836bba93eb317293276c1b5e08c1a
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
5b08cf1566edb4ae3bb1c39caf5aa53abdbdf3061117d8f982370dfaf6562dea
5e0974fad03d077a1c7b2601d3ff8a7244019b649ca88a23ea4aeb1b4f037b65
5f8e88ee1bb4ca02facd8f6d925607f71fe12d37f8499397e948921389d0172c
69270ac2d649fbdcc1e60e6e04b87581bdc2a98ce66bbbdfa674f0643cbfd470
6a3c59aade7ee61fda39bb37b9bb0f14755878b73a6e49cda87df19ab9bfadf2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7bd364156128294c03b3bca785db4b9e61812c413d2c562f1beec5d63117ea81
7e4c8611f960efa7b4a8c7341d3548cf46b6651784e2018f6a5b6435ff8509e7
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
8b260fb1f8d40f33abe016333485d9e9b8e743af3711ca620a3ea472157df8de
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2633b749310981ac845b0b710780cbe5cfc7edf311994493cf2df8c52cbe86
9014f5aeb4efe499919303061fcfc91724922c970f248198bbf44ee3ca007690
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
9935fbba2ae840ff15629588a6df44bab23b78787629c5cf18520a43463b0f97
993cf5696ecfc110c753de0f8e335fa83d98eea58a0d966a86dc524e6a008f6a
9f949a2832145c1d24fa6a5dc95ffa8e792b9cf71c6afd4c30d8de80de1660c3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
acb3e087bf88bc402af84692e40976e36b616a4e1d1d6aee0dfc0bf1fbc202e5
ada99493ddfb1953fe4c739a9df81c4a3e6d469bc88f0a213ec3437c283535c6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbc9b0efd76e51e1568b05ba966f2476b638e207221c07f0ce960415c8145c4d
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e689c88daab6d4ad066224b75bb5a67a8715d8f150ab136d286fae74bd6f7705
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f66907f599a3927b420687be23d0bdfcb9575c624345e3000bb65b3a1e52b480
fb953a129c519ab5b61343a78dec39d6421f93f36962cb97a6d3a0e4586bedf4
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.nwtf.org Open in urlscan Pro 107.23.128.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

43 %IPv6

36 Domains

49 Subdomains

43 IPs

6 Countries

1129 kBTransfer

3235 kBSize

4 Cookies

17 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nwtf.org Open in urlscan Pro
107.23.128.138 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

43 %
IPv6

36
Domains

49
Subdomains

43
IPs

6
Countries

1129 kB
Transfer

3235 kB
Size

4
Cookies

76 HTTP transactions
0 data transactions