urlscan.io logo urlscan.io
SecurityTrails logo

wlfi.secondstreetapp.com Open in urlscan Pro
199.19.89.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://api.secondstreetapp.com/m_c_t/27337253/104071634
Effective URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Submission: On November 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 10 countries across 75 domains to perform 565 HTTP transactions. The main IP is 199.19.89.15, located in Belleville, United States and belongs to SSM-NET, US. The main domain is wlfi.secondstreetapp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 23rd 2020. Valid for: 2 years.
This is the only time wlfi.secondstreetapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.19.89.19 54105 (SSM-NET)
1 23 199.19.89.15 54105 (SSM-NET)
3 52.219.105.81 16509 (AMAZON-02)
8 184.30.222.233 20940 (AKAMAI-ASN1)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.215.236 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
46 216.58.212.162 15169 (GOOGLE)
2 34.95.69.49 15169 (GOOGLE)
1 2 151.101.114.137 54113 (FASTLY)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 34.193.167.244 14618 (AMAZON-AES)
14 23.8.5.15 20940 (AKAMAI-ASN1)
3 209.59.156.234 32244 (LIQUIDWEB)
1 69.16.175.10 20446 (HIGHWINDS3)
1 152.195.34.73 15133 (EDGECAST)
10 199.19.89.14 54105 (SSM-NET)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 2.21.36.164 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 50.28.54.68 32244 (LIQUIDWEB)
1 3.215.93.225 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 104.111.216.96 16625 (AKAMAI-AS)
1 4 2606:4700:e2:... 13335 (CLOUDFLAR...)
8 151.101.194.133 54113 (FASTLY)
31 2a00:1450:400... 15169 (GOOGLE)
2 73 2a00:1450:400... 15169 (GOOGLE)
4 40.84.148.247 8075 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
3 34.98.72.95 15169 (GOOGLE)
1 52.160.40.218 8075 (MICROSOFT...)
8 2600:9000:218... 16509 (AMAZON-02)
52 3.16.201.133 16509 (AMAZON-02)
1 34.120.253.250 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
6 69.173.144.143 26667 (RUBICONPR...)
5 15 35.244.159.8 15169 (GOOGLE)
16 34.230.171.184 14618 (AMAZON-AES)
6 213.19.147.210 26120 (RHYTHMONE)
7 216.52.2.48 30282 (AS-INAPCD...)
9 20 185.33.221.15 29990 (ASN-APPNEX)
6 67.202.110.21 32748 (STEADFAST)
7 104.111.215.135 16625 (AKAMAI-AS)
2 3.127.95.92 16509 (AMAZON-02)
1 35.227.229.34 15169 (GOOGLE)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
20 13.88.145.64 8075 (MICROSOFT...)
4 2600:9000:218... 16509 (AMAZON-02)
2 13.226.156.26 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2600:9000:218... 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2600:9000:207... 16509 (AMAZON-02)
6 151.101.113.194 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 130.211.10.17 15169 (GOOGLE)
4 52.204.18.53 14618 (AMAZON-AES)
1 4 52.29.14.143 16509 (AMAZON-02)
4 104.16.68.69 13335 (CLOUDFLAR...)
3 178.162.133.150 60781 (LEASEWEB-...)
2 54.77.116.112 16509 (AMAZON-02)
2 162.210.196.208 30633 (LEASEWEB-...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 18.196.104.43 16509 (AMAZON-02)
2 2600:9000:218... 16509 (AMAZON-02)
3 52.222.182.122 16509 (AMAZON-02)
2 3 2606:2800:233... 15133 (EDGECAST)
2 193.122.174.27 31898 (ORACLE-BM...)
3 3 69.173.144.165 26667 (RUBICONPR...)
4 4 18.195.155.181 16509 (AMAZON-02)
3 6 178.162.133.149 60781 (LEASEWEB-...)
7 9 213.19.147.150 26120 (RHYTHMONE)
7 7 3.121.79.35 16509 (AMAZON-02)
1 1 172.217.21.226 15169 (GOOGLE)
1 2600:9000:207... 16509 (AMAZON-02)
1 52.73.105.22 14618 (AMAZON-AES)
1 1 88.99.98.223 24940 (HETZNER-AS)
4 52.30.187.36 16509 (AMAZON-02)
2 2 18.194.183.62 16509 (AMAZON-02)
2 3 37.157.2.238 198622 (ADFORM)
3 104.111.215.51 16625 (AKAMAI-AS)
2 18.197.99.6 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 5.39.66.15 16276 (OVH)
2 34.120.207.148 15169 (GOOGLE)
2 104.111.230.142 16625 (AKAMAI-AS)
2 104.111.215.68 16625 (AKAMAI-AS)
2 208.100.17.178 32748 (STEADFAST)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.17.119.107 13335 (CLOUDFLAR...)
1 152.199.22.191 15133 (EDGECAST)
2 52.59.13.226 16509 (AMAZON-02)
1 1 37.157.6.246 198622 (ADFORM)
565 99
2    199.19.89.19 (Belleville, United States)

ASN54105 (SSM-NET, US)
api.secondstreetapp.com
23    199.19.89.15 (Belleville, United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-15.secondstreetmedia.com
wlfi.secondstreetapp.com
embed-740867.secondstreetapp.com
3    52.219.105.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com
s3.us-east-2.amazonaws.com
8    184.30.222.233 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
www.wlfi.com
3    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
6    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.111.215.236 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-236.deploy.static.akamaitechnologies.com
s.ntv.io
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:2182:5200:11:193f:ab80:21 (United States)

ASN16509 (AMAZON-02, US)
d3gpkdwom7cn1q.cloudfront.net
46    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
i.clean.gg
2    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.193.167.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
s.clickability.com
14    23.8.5.15 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-5-15.deploy.static.akamaitechnologies.com
media.heartlandtv.com
3    209.59.156.234 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
ftp2.wlfi.com
1    69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
video-static-01.clipsyndicate.com
1    152.195.34.73 (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
10    199.19.89.14 (Belleville, United States)

ASN54105 (SSM-NET, US)
embed.secondstreetapp.com
media.secondstreetapp.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    50.28.54.68 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
heartbeat.heartlandtv.com
1    3.215.93.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
3    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
7    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2766b4e2b6209a87c1841096e1cc5929.safeframe.googlesyndication.com
27e2d1736a524d61c731d4ae6c21010d.safeframe.googlesyndication.com
b4f9529961575f62d8c7bebe0f3c675c.safeframe.googlesyndication.com
fd1d0cb43d187d59576de866b0863a79.safeframe.googlesyndication.com
2c3609b93ee8564ee4156cab298d9767.safeframe.googlesyndication.com
33de228d3a216ea755fdb45ca794c38c.safeframe.googlesyndication.com
9ac2e1dc39f8560e444ae96f2f713ed1.safeframe.googlesyndication.com
9    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com
z.moatads.com
4    2606:4700:e2::ac40:8426 (United States)

ASN13335 (CLOUDFLARENET, US)
api.traq.li
8    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn.includemodal.com
31    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
73    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
cm.g.doubleclick.net
4    40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ads3.mthsense.com
5    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    34.98.72.95 (United States)

ASN15169 (GOOGLE, US)
assets.bounceexchange.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
8    2600:9000:2182:8000:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
52    3.16.201.133 (Columbus, United States)

ASN16509 (AMAZON-02, US)
includemodal.com
1    34.120.253.250 (United States)

ASN15169 (GOOGLE, US)
tag.bounceexchange.com
4    2a00:1450:4001:81c::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
os4m-d.openx.net
insticator-d.openx.net
eu-u.openx.net
us-u.openx.net
16    34.230.171.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
x.yieldlift.com
6    213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
7    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
20    185.33.221.15 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    67.202.110.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net
ssc.33across.com
7    104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
as-sec.casalemedia.com
2    3.127.95.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
1    35.227.229.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
api.bounceexchange.com
1    2a02:26f0:1700:d::1737:6ea4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
csp.azureedge.net
20    13.88.145.64 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
4    2600:9000:2182:e400:5:ee0e:9e80:21 (United States)

ASN16509 (AMAZON-02, US)
d3oi8laqsvc6ey.cloudfront.net
2    13.226.156.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
d2na2p72vtqyok.cloudfront.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vuukle.com
publish.vuukle.com
2    2600:9000:2182:3400:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
5    2606:4700:10::6814:190b (United States)

ASN13335 (CLOUDFLARENET, US)
geoip.insticator.com
b2c.insticator.com
event.insticator.com
2    2600:9000:2070:4400:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
6    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)
get.geojs.io
1    130.211.10.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)
www.justapinch.com
4    52.204.18.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pa.rxthdr.com
4    52.29.14.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
ad.360yield.com
4    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
3    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    54.77.116.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
g2.gumgum.com
2    162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
hb.emxdgt.com
2    2600:9000:2182:3000:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)
dh014lg6uwepv.cloudfront.net
3    52.222.182.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-122.ham50.r.cloudfront.net
c.amazon-adsystem.com
3    2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)
adserver-us.adtech.advertising.com
2    193.122.174.27 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)
prebid.technoratimedia.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
6    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
9    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    3.121.79.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
cm.g.doubleclick.net
1    2600:9000:2070:6000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    52.73.105.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ping.chartbeat.net
1    88.99.98.223 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
4    52.30.187.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    18.194.183.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-62.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
3    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    104.111.215.51 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-51.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    2a02:fa8:8806:13::1430 (Sweden)

ASN41041 (VCLK-EU-, SE)
aol-match.dotomi.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    5.39.66.15 (France)

ASN16276 (OVH, FR)
id5-sync.com
2    34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
api.rlcdn.com
2    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.111.215.68 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-68.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    208.100.17.178 (Chicago, United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
2    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    52.59.13.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
euc-ice.360yield.com
1    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
Apex Domain
Subdomains		 Transfer
63 googlesyndication.com
2766b4e2b6209a87c1841096e1cc5929.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
27e2d1736a524d61c731d4ae6c21010d.safeframe.googlesyndication.com
b4f9529961575f62d8c7bebe0f3c675c.safeframe.googlesyndication.com
fd1d0cb43d187d59576de866b0863a79.safeframe.googlesyndication.com
2c3609b93ee8564ee4156cab298d9767.safeframe.googlesyndication.com
33de228d3a216ea755fdb45ca794c38c.safeframe.googlesyndication.com
9ac2e1dc39f8560e444ae96f2f713ed1.safeframe.googlesyndication.com
420 KB
60 includemodal.com
cdn.includemodal.com
includemodal.com
152 KB
52 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
737 KB
35 secondstreetapp.com
api.secondstreetapp.com
wlfi.secondstreetapp.com
embed-740867.secondstreetapp.com
embed.secondstreetapp.com
media.secondstreetapp.com
1 MB
31 googletagservices.com
www.googletagservices.com
779 KB
23 adnxs.com
ib.adnxs.com
acdn.adnxs.com
16 KB
21 cloudfront.net
d3gpkdwom7cn1q.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
490 KB
20 windows.net
citysparkstorage.blob.core.windows.net
442 KB
16 yieldlift.com
x.yieldlift.com
12 KB
15 openx.net
os4m-d.openx.net
insticator-d.openx.net
eu-u.openx.net
us-u.openx.net
4 KB
15 heartlandtv.com
media.heartlandtv.com
heartbeat.heartlandtv.com
370 KB
13 google.com
adservice.google.com
www.google.com
2 KB
12 1rx.io
tag.1rx.io
sync.1rx.io
6 KB
12 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
storage.googleapis.com
1 MB
11 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
9 KB
11 wlfi.com
www.wlfi.com
ftp2.wlfi.com
2 MB
10 gstatic.com
fonts.gstatic.com
222 KB
9 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
5 KB
8 33across.com
ssc.33across.com
ssc-cms.33across.com
2 KB
8 google.de
adservice.google.de
2 KB
7 bidswitch.net
x.bidswitch.net
3 KB
7 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
5 KB
7 lijit.com
ap.lijit.com
4 KB
6 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
1 KB
6 360yield.com
ice.360yield.com
euc-ice.360yield.com
ad.360yield.com
3 KB
6 fastly.net
confiant-integrations.global.ssl.fastly.net
198 KB
5 advertising.com
adserver-us.adtech.advertising.com
pixel.advertising.com
2 KB
5 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
1005 B
5 bounceexchange.com
assets.bounceexchange.com
tag.bounceexchange.com
api.bounceexchange.com
110 KB
4 adform.net
c1.adform.net
track.adform.net
1 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
188 B
4 districtm.io
dmx.districtm.io
cdn.districtm.io
493 B
4 rxthdr.com
pa.rxthdr.com
569 B
4 mthsense.com
ads3.mthsense.com
14 KB
4 traq.li
api.traq.li
15 KB
4 addthis.com
s7.addthis.com
m.addthis.com
191 KB
4 facebook.net
connect.facebook.net
122 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 technoratimedia.com
prebid.technoratimedia.com
ad-cdn.technoratimedia.com
407 B
3 amazon-adsystem.com
c.amazon-adsystem.com
33 KB
3 vuukle.com
cdn.vuukle.com
publish.vuukle.com
192 KB
3 google-analytics.com
www.google-analytics.com
37 KB
3 cloudflare.com
cdnjs.cloudflare.com
54 KB
3 googletagmanager.com
www.googletagmanager.com
110 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com
96 KB
3 amazonaws.com
s3.us-east-2.amazonaws.com
156 KB
2 brealtime.com
biddr.brealtime.com
2 aralego.net
cdn.aralego.net
2 rlcdn.com
api.rlcdn.com
273 B
2 id5-sync.com
id5-sync.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 aralego.com
hb.aralego.com
666 B
2 gumgum.com
g2.gumgum.com
1 KB
2 sharethrough.com
btlr.sharethrough.com
239 B
2 twitter.com
platform.twitter.com
29 KB
2 cityspark.com
cdn.cityspark.com
p.cityspark.com
20 KB
2 connatix.com
cd.connatix.com
cds.connatix.com
244 KB
2 clean.gg
i.clean.gg
104 B
1 quantserve.com
pixel.quantserve.com
506 B
1 dotomi.com
aol-match.dotomi.com
104 B
1 splicky.com
bidswitch-eu.splicky.com
236 B
1 chartbeat.net
ping.chartbeat.net
169 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 justapinch.com
www.justapinch.com
72 KB
1 geojs.io
get.geojs.io
968 B
1 googleadservices.com
partner.googleadservices.com
411 B
1 facebook.com
www.facebook.com
1 azureedge.net
csp.azureedge.net
61 KB
1 addthisedge.com
v1.addthisedge.com
714 B
1 moatads.com
z.moatads.com
1 KB
1 postrelease.com
jadserve.postrelease.com
636 B
1 clipsyndicate.com
video-static-01.clipsyndicate.com
37 KB
1 clickability.com
s.clickability.com
949 B
1 ntv.io
s.ntv.io
99 KB
565 75
Domain Requested by
52 includemodal.com wlfi.secondstreetapp.com
45 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
wlfi.secondstreetapp.com
31 tpc.googlesyndication.com d3gpkdwom7cn1q.cloudfront.net
wlfi.secondstreetapp.com
31 www.googletagservices.com wlfi.secondstreetapp.com
d3gpkdwom7cn1q.cloudfront.net
25 pagead2.googlesyndication.com wlfi.secondstreetapp.com
securepubads.g.doubleclick.net
d3gpkdwom7cn1q.cloudfront.net
pagead2.googlesyndication.com
21 embed-740867.secondstreetapp.com wlfi.secondstreetapp.com
d3gpkdwom7cn1q.cloudfront.net
embed-740867.secondstreetapp.com
20 citysparkstorage.blob.core.windows.net wlfi.secondstreetapp.com
20 ib.adnxs.com 9 redirects storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
www.justapinch.com
16 x.yieldlift.com storage.googleapis.com
wlfi.secondstreetapp.com
14 media.heartlandtv.com wlfi.secondstreetapp.com
10 fonts.gstatic.com wlfi.secondstreetapp.com
fonts.googleapis.com
9 media.secondstreetapp.com wlfi.secondstreetapp.com
8 eu-u.openx.net 5 redirects wlfi.secondstreetapp.com
8 d2s8wlbatk24s7.cloudfront.net cdn.includemodal.com
d3oi8laqsvc6ey.cloudfront.net
8 cdn.includemodal.com d3gpkdwom7cn1q.cloudfront.net
8 adservice.google.com d3gpkdwom7cn1q.cloudfront.net
wlfi.secondstreetapp.com
8 adservice.google.de d3gpkdwom7cn1q.cloudfront.net
wlfi.secondstreetapp.com
8 www.wlfi.com wlfi.secondstreetapp.com
7 x.bidswitch.net 7 redirects
7 ap.lijit.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
www.justapinch.com
7 fonts.googleapis.com www.wlfi.com
wlfi.secondstreetapp.com
embed-740867.secondstreetapp.com
6 sync.1rx.io 6 redirects
6 sync.go.sonobi.com 3 redirects d3gpkdwom7cn1q.cloudfront.net
wlfi.secondstreetapp.com
6 confiant-integrations.global.ssl.fastly.net wlfi.secondstreetapp.com
6 htlb.casalemedia.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
6 ssc.33across.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
6 tag.1rx.io storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
6 fastlane.rubiconproject.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
5 www.google.com d3gpkdwom7cn1q.cloudfront.net
4 match.adsrvr.org df80k0z3fi8zg.cloudfront.net
4 cm.g.doubleclick.net 3 redirects
4 cs.emxdgt.com 4 redirects
4 pa.rxthdr.com df80k0z3fi8zg.cloudfront.net
4 d3oi8laqsvc6ey.cloudfront.net d3gpkdwom7cn1q.cloudfront.net
4 os4m-d.openx.net storage.googleapis.com
4 storage.googleapis.com d3gpkdwom7cn1q.cloudfront.net
4 ads3.mthsense.com d3gpkdwom7cn1q.cloudfront.net
4 api.traq.li 1 redirects wlfi.secondstreetapp.com
ajax.googleapis.com
4 connect.facebook.net d3gpkdwom7cn1q.cloudfront.net
embed-740867.secondstreetapp.com
connect.facebook.net
3 acdn.adnxs.com d3gpkdwom7cn1q.cloudfront.net
wlfi.secondstreetapp.com
3 c1.adform.net 2 redirects
3 sync.targeting.unrulymedia.com 1 redirects
3 pixel.rubiconproject.com 3 redirects
3 adserver-us.adtech.advertising.com 2 redirects wlfi.secondstreetapp.com
3 c.amazon-adsystem.com d3gpkdwom7cn1q.cloudfront.net
c.amazon-adsystem.com
3 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
www.justapinch.com
3 assets.bounceexchange.com d3gpkdwom7cn1q.cloudfront.net
3 www.google-analytics.com d3gpkdwom7cn1q.cloudfront.net
www.google-analytics.com
3 s7.addthis.com wlfi.secondstreetapp.com
d3gpkdwom7cn1q.cloudfront.net
3 cdnjs.cloudflare.com wlfi.secondstreetapp.com
d3gpkdwom7cn1q.cloudfront.net
3 ftp2.wlfi.com wlfi.secondstreetapp.com
3 www.googletagmanager.com wlfi.secondstreetapp.com
www.googletagmanager.com
d3gpkdwom7cn1q.cloudfront.net
3 maxcdn.bootstrapcdn.com wlfi.secondstreetapp.com
maxcdn.bootstrapcdn.com
3 s3.us-east-2.amazonaws.com wlfi.secondstreetapp.com
2 ad.360yield.com 1 redirects
2 euc-ice.360yield.com
2 biddr.brealtime.com wlfi.secondstreetapp.com
2 cdn.districtm.io wlfi.secondstreetapp.com
2 cdn.aralego.net wlfi.secondstreetapp.com
2 ssc-cms.33across.com wlfi.secondstreetapp.com
2 ads.pubmatic.com wlfi.secondstreetapp.com
2 eus.rubiconproject.com wlfi.secondstreetapp.com
2 api.rlcdn.com df80k0z3fi8zg.cloudfront.net
2 id5-sync.com df80k0z3fi8zg.cloudfront.net
2 pixel.advertising.com
2 a.sportradarserving.com 2 redirects
2 prebid.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 dh014lg6uwepv.cloudfront.net wlfi.secondstreetapp.com
2 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
2 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
2 hb.aralego.com df80k0z3fi8zg.cloudfront.net
2 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
2 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
2 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
2 ice.360yield.com df80k0z3fi8zg.cloudfront.net
2 df80k0z3fi8zg.cloudfront.net wlfi.secondstreetapp.com
2 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 googleads.g.doubleclick.net wlfi.secondstreetapp.com
2 d3lcz8vpax4lo2.cloudfront.net wlfi.secondstreetapp.com
2 cdn.vuukle.com wlfi.secondstreetapp.com
2 d2na2p72vtqyok.cloudfront.net wlfi.secondstreetapp.com
2 btlr.sharethrough.com storage.googleapis.com
2 platform.twitter.com embed-740867.secondstreetapp.com
platform.twitter.com
2 i.clean.gg d3gpkdwom7cn1q.cloudfront.net
2 wlfi.secondstreetapp.com 1 redirects
2 api.secondstreetapp.com 1 redirects d3gpkdwom7cn1q.cloudfront.net
1 track.adform.net 1 redirects
1 ad-cdn.technoratimedia.com wlfi.secondstreetapp.com
1 pixel.quantserve.com 1 redirects
1 aol-match.dotomi.com
1 bidswitch-eu.splicky.com 1 redirects
1 9ac2e1dc39f8560e444ae96f2f713ed1.safeframe.googlesyndication.com wlfi.secondstreetapp.com
1 ping.chartbeat.net
1 static.chartbeat.com d3gpkdwom7cn1q.cloudfront.net
1 33de228d3a216ea755fdb45ca794c38c.safeframe.googlesyndication.com wlfi.secondstreetapp.com
1 us-u.openx.net wlfi.secondstreetapp.com
1 as-sec.casalemedia.com www.justapinch.com
1 www.justapinch.com d3gpkdwom7cn1q.cloudfront.net
1 get.geojs.io wlfi.secondstreetapp.com
1 partner.googleadservices.com wlfi.secondstreetapp.com
1 b2c.insticator.com d3gpkdwom7cn1q.cloudfront.net
1 publish.vuukle.com cdn.vuukle.com
1 2c3609b93ee8564ee4156cab298d9767.safeframe.googlesyndication.com wlfi.secondstreetapp.com
1 fd1d0cb43d187d59576de866b0863a79.safeframe.googlesyndication.com wlfi.secondstreetapp.com
1 b4f9529961575f62d8c7bebe0f3c675c.safeframe.googlesyndication.com wlfi.secondstreetapp.com
1 www.facebook.com connect.facebook.net
1 27e2d1736a524d61c731d4ae6c21010d.safeframe.googlesyndication.com wlfi.secondstreetapp.com
1 csp.azureedge.net d3gpkdwom7cn1q.cloudfront.net
1 api.bounceexchange.com d3gpkdwom7cn1q.cloudfront.net
1 tag.bounceexchange.com d3gpkdwom7cn1q.cloudfront.net
1 p.cityspark.com d3gpkdwom7cn1q.cloudfront.net
1 m.addthis.com d3gpkdwom7cn1q.cloudfront.net
1 v1.addthisedge.com d3gpkdwom7cn1q.cloudfront.net
1 z.moatads.com d3gpkdwom7cn1q.cloudfront.net
1 2766b4e2b6209a87c1841096e1cc5929.safeframe.googlesyndication.com d3gpkdwom7cn1q.cloudfront.net
1 stats.g.doubleclick.net www.google-analytics.com
1 jadserve.postrelease.com d3gpkdwom7cn1q.cloudfront.net
1 heartbeat.heartlandtv.com s3.us-east-2.amazonaws.com
1 embed.secondstreetapp.com wlfi.secondstreetapp.com
1 cdn.cityspark.com wlfi.secondstreetapp.com
1 video-static-01.clipsyndicate.com wlfi.secondstreetapp.com
1 s.clickability.com wlfi.secondstreetapp.com
1 cds.connatix.com wlfi.secondstreetapp.com
1 cd.connatix.com 1 redirects
1 d3gpkdwom7cn1q.cloudfront.net wlfi.secondstreetapp.com
1 s.ntv.io wlfi.secondstreetapp.com
1 ajax.googleapis.com wlfi.secondstreetapp.com
565 128
Subject Issuer Validity Valid
*.secondstreetapp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-23 -
2022-07-23		 2 years crt.sh
*.s3.us-east-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-07-24 -
2021-05-27		 10 months crt.sh
media.heartlandtv.com
Go Daddy Secure Certificate Authority - G2		 2020-07-07 -
2021-09-05		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2019-11-18 -
2021-02-16		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
i.clean.gg
GTS CA 1D2		 2020-10-27 -
2021-01-25		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.clickability.com
Go Daddy Secure Certificate Authority - G2		 2019-03-27 -
2021-05-26		 2 years crt.sh
ftp2.wlfi.com
cPanel, Inc. Certification Authority		 2020-10-19 -
2021-01-17		 3 months crt.sh
*.clipsyndicate.com
Go Daddy Secure Certificate Authority - G2		 2018-12-17 -
2020-12-17		 2 years crt.sh
sa179gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-22		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-07-22 -
2021-10-13		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
heartbeat.heartlandtv.com
cPanel, Inc. Certification Authority		 2020-10-19 -
2021-01-17		 3 months crt.sh
*.postrelease.com
Amazon		 2020-02-28 -
2021-03-28		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
cdn.includemodal.com
Let's Encrypt Authority X3		 2020-09-06 -
2020-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
ads3.mthsense.com
Go Daddy Secure Certificate Authority - G2		 2019-09-03 -
2020-11-01		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
assets.bounceexchange.com
GTS CA 1D2		 2020-10-28 -
2021-01-26		 3 months crt.sh
*.cityspark.com
Go Daddy Secure Certificate Authority - G2		 2020-02-13 -
2022-04-13		 2 years crt.sh
includemodal.com
Amazon		 2019-12-13 -
2021-01-13		 a year crt.sh
tag.bounceexchange.com
Let's Encrypt Authority X3		 2020-10-30 -
2021-01-28		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-11-18		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.yieldlift.com
Amazon		 2020-02-16 -
2021-03-16		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
api.bounceexchange.com
GTS CA 1D2		 2020-10-27 -
2021-01-25		 3 months crt.sh
*.azureedge.net
Microsoft IT TLS CA 5		 2019-01-24 -
2021-01-24		 2 years crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 2		 2020-10-20 -
2021-10-20		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2020-08-24 -
2021-08-24		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-21 -
2021-04-22		 a year crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2020-04-22 -
2022-05-30		 2 years crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2019-02-01 -
2021-02-04		 2 years crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
pa.rxthdr.com
Amazon		 2020-01-17 -
2021-02-17		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2019-12-16 -
2020-12-30		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2020-10-04 -
2021-03-31		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.id5-sync.com
Let's Encrypt Authority X3		 2020-09-27 -
2020-12-26		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh

This page contains 59 frames:

Primary Page: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Frame ID: 9ABC05448B554A29908F6096702E6D51
Requests: 123 HTTP requests in this frame

Frame: https://cds.connatix.com/p/72804/connatix.playspace.dc.js
Frame ID: 8824CF5F427E8835D5C367216A468740
Requests: 1 HTTP requests in this frame

Frame: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Frame ID: 50586BC36E9EEAC86AAAF139BFF4B891
Requests: 41 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2A29EF8AFD4674E614E2334DDC0044EB
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: ECEAABDC4C08E7E31F908CFA9EE35CAC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 78CBB992DB8AE136A9233FB47719D413
Requests: 10 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: BBEFBAD50F5498D8EE85D885798C1422
Requests: 19 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 4048C98585770DDB8A2A54EE1592580B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: EC8916BB363019C4325D16CA022B9028
Requests: 10 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 6821001CA1008F4153F47DC6C05BBD61
Requests: 19 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 7F48444F35CA2F2A2D406A712B62D930
Requests: 11 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 479021F50AB533880A4321E14E244CD8
Requests: 12 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 61AC0BA55E2F2C499A9FE53E9D23B4FC
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 21BD82321A2946C7BB3A521910C55AF3
Requests: 5 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: A100D14F48182FD7736B2E18EAB4AF4D
Requests: 25 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 37D2F9367E8946374A0F60378E68EBFA
Requests: 20 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 7716C6318499623B0E58E6F883B1C736
Requests: 26 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 9D7958A33D7948D48DC2C26BF51361AB
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 1CFCE0047C1CBD88176EDDB6ECA560BB
Requests: 26 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fembed-740867.secondstreetapp.com
Frame ID: 17F149AE8F16F3A601F7DC7632CAD845
Requests: 1 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: C9F42C96EC1F04EB6D72811C841DFF7B
Requests: 51 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: 6DB624505894048CE771194156075347
Requests: 17 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: 57C0F12E361AC71CCA6302A6A5E9DB7B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: B6D9E8E2FCB81EED41872E06523ED0BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Frame ID: 8ADB1CCF4931AFE614934B45B280F95D
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 7EFF53A6A734F643FC1593CFE338F2E6
Requests: 1 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: 0A212E781A870494C87A9642CA4A0FF9
Requests: 54 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: F6E987149DFC5EFCE027B4BE1C6B5B95
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: AA8097F4414552A709033BC448511DD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1371259615228212&output=html&h=90&slotname=7232116900&adk=1483507816&adf=615122506&pi=t.ma~as.7232116900&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604331928404&bpp=18&bdt=318&idt=476&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&correlator=2308923708&frm=23&ife=4&pv=2&ga_vid=131401762.1604331925&ga_sid=1604331929&ga_hid=1446330410&ga_fc=1&iag=63&icsg=2698&nhd=3&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=1412906946&scr_x=0&scr_y=0&oid=3&pvsid=2459483705012349&pem=574&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.p8xae9wd943g&fsb=1&dtd=536
Frame ID: 0C61302B5D6C6204E72C1B8D357803DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 16F9BE990437CA56612D1FF47287A749
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 547D1124BBF70C2E071C8329157B286D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 6E7DA087F88053BAE458DBFFA634552C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWnuZH6sk7rS0M-zO9DcgWSPne3UQvFR6dLeHBYtHc0PIQaPCSUL5f0uQnlh2Uxw2viJ3wizQoxIyc3UKmQwkl-RVXlT_B9BsnF7P--gc6S840-sUjhrzzlIaM3lI1U0T6T--ouVU9cW-3evgLlxoYXKZHp7oozNP4WFv7uZ5EyX7_1iEWgFVHuMZ_F4H2xkMhd4sRgCaOS59P-xSXsHSdDt8llTjBPbVQBe-sNWitKydeoNaMcf1KGrwC4rA9nyDGuu_LQPq-B4326laFTK5sZ14oNeo&sig=Cg0ArKJSzGsWQh8OYwAMEAE&adurl=
Frame ID: CCED372C294CCB90403CF7E863B2C7BA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPzNIZZ3QTvMXMcm0P2nSuB2_opCbvutEY_-bl8op--VbOKHgbjOelJiQISQCvlUfKj1gC-xlzeBdYvxjhBNYgZkwygltXavsQAuSUoOkZXlwY-9MyuZ9-W4517u8PHr8XNLbQwVGTQ4SrU9uNvZpEjN9RXIeDRGui8C-QeQDgqrlW0ufZ-A2x5D7YOUjuUDdqNgF0JoQJOaILZjPJBC2klnUCtRYohaefN6UHGAHAqK690yFEE5YC_IrxgLYic6m5p43n5OjONyHTrAZqyioOAUjl3iEY&sig=Cg0ArKJSzGzhxA4Ceik6EAE&adurl=
Frame ID: 77752A817C05B96EA731AEF2D1E4FA6A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 357D85D2B6C4985983EB4060C7633811
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: F4F0E084ABA570D78912583EFD098CAB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_WPSmfpbCcnlJgZh62zmhm9CmfazOaKXwmfBu3ubyNHxlfyCdxwYt4ihVXgzmDx-wdd8FNmYVpiOHxhNRsYTBdabUXB02b2rJlS_LzeZQ2tHdYUzo-tyTAmpHHh3bbN1yW4XBzGMUPoR6q9AEnLmXA2yqef48nXrpU4Eqi5jGn4ME3nBkYJIQCtLVq9m7UL1wnaEEfOv3-Yr3k2sJgC57OmYAEzY9VfcgGeviPj3h6qPSnrGuPMCR6XKV-vQ8-kySAOeQgH7UbBG-Tm5JlPuo0csuRt4&sig=Cg0ArKJSzDBBGbx-N-guEAE&adurl=
Frame ID: A10DCCE916674412C608EE933640C72C
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A2F65EC22E6D966EFD6B618EA3DF7E36
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4bd1642a73
Frame ID: 573DAF69659593884A809A646B1B1764
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1C25F1B520DEE98FEFCD84E8784166BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 15DBD5BDBE2DD6AA2F1F8500AB7C9890
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=avHmsEZx0r6ikSaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8458B43B0669D96312BFAC84EBBDBAEB
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Frame ID: 8E3EE358DAFD9F7BC4249E57E04341AB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 45E65B6439DE2A861F149663A6E4498C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B9A65E9365F4A2493B8B0FA1881E2499
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=e315a43aa9
Frame ID: 15852D19158924238348AE363029A308
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 686D90876ABD9081366A137F7FF13D09
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 259AFA915D11A3487E097B9956547DE7
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.44.7
Frame ID: B6F0ACD8954C98ACEB86CC23DAA6B5BF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: EEF9B1FF7F2002BFF3ABD232DB2BB107
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A2EA4A4DEAFEDD1444D106A3DDBCA641
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Frame ID: 3E7643161452768355D03014CA63390A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CEC7DD4F8540E58A7678DFB1E0974497
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=e315a43aa9
Frame ID: 41AE02085F2191827E6566F777168061
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=afHfg4Zx0r6kLoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 61FF5AC6C08808EF9A47F7F17D98FF73
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: CABBC2FE25C2D6D66BCB7E3260421037
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A61A6D5B920CF7019F8C58025FA703C7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: EBE42F23B5B6CBA95CC54CE71AD0C669
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://api.secondstreetapp.com/m_c_t/27337253/104071634 HTTP 302
    http://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/ HTTP 302
    https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

565
Requests

96 %
HTTPS

34 %
IPv6

75
Domains

128
Subdomains

99
IPs

10
Countries

10174 kB
Transfer

22367 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.secondstreetapp.com/m_c_t/27337253/104071634 HTTP 302
    http://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/ HTTP 302
    https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/72804/connatix.playspace.dc.js
Request Chain 67
  • https://api.traq.li/public/sdk/v03/sdk.js HTTP 301
  • https://api.traq.li/public/sdk/v04/sdk.js
Request Chain 394
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;apid=1A6f5cc5d8-1d22-11eb-ade5-123ff9725662;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687
Request Chain 448
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Request Chain 449
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Request Chain 450
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=2439992024379757519&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2439992024379757519brt153591604331930737043f1
Request Chain 451
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Request Chain 452
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=3639051305 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=3639051305 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=670658c3-09f4-4a71-9b63-45ca3f996005&google_hm=NjcwNjU4YzMtMDlmNC00YTcxLTliNjMtNDVjYTNmOTk2MDA1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEXqREqZu3aihNCinEkc-Bg&google_cver=1&ssp=adconductor&bsw_param=670658c3-09f4-4a71-9b63-45ca3f996005 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/670658c3-09f4-4a71-9b63-45ca3f996005?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003?redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3DRX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003 HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Request Chain 453
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJWPxOJca5jGh1ZpeX3Qr4U&google_cver=1
Request Chain 486
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=2225404143 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=670658c3-09f4-4a71-9b63-45ca3f996005 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=670658c3-09f4-4a71-9b63-45ca3f996005 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/670658c3-09f4-4a71-9b63-45ca3f996005?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Request Chain 487
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$UIDbrt153591604331930737043f1 HTTP 302
  • https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
Request Chain 488
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDY1ZDAxMmUtYTg0OC02ZDdhLTQxZTEtMjE0MDk4NzU4NGYx
Request Chain 489
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Request Chain 490
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Request Chain 491
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Request Chain 492
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$UIDbrt153591604331930737043f1 HTTP 302
  • https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
Request Chain 493
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Request Chain 494
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Request Chain 495
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=2a32d2e4-613f-33de-5401-7bf952974a91&gdpr=0
Request Chain 496
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Request Chain 497
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=907564492 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ef4c866a-eba8-49fb-adec-843cf5892352&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/670658c3-09f4-4a71-9b63-45ca3f996005?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Request Chain 498
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2165549086040490199
Request Chain 528
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=FPds6BOoNLwMpj25FqIg6RGjabkMpzjrQKk2AUHQ
Request Chain 536
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Request Chain 559
  • https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fdsp_callback%3D0%26external_user_id%3D%24UID%26publisher_dsp_id%3D40 HTTP 302
  • https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=2951839626017119774&publisher_dsp_id=40
Request Chain 560
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=ab70cc28-154f-4a92-82e5-4d2f246c3566&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1605541536&external_user_id=3446002491012008483
Request Chain 561
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=YWI3MGNjMjgtMTU0Zi00YTkyLTgyZTUtNGQyZjI0NmMzNTY2&dsp_callback=0 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEDtAnWMGvVx2YOa0FK_Foyg&google_cver=1 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEDtAnWMGvVx2YOa0FK_Foyg&google_cver=1

565 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Redirect Chain
  • https://api.secondstreetapp.com/m_c_t/27337253/104071634
  • http://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
  • https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
78 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
839bbf8a65f3111e6e19b5e95eab234506b6da9221855faa2fc62a0c467916b2

Request headers

Host
wlfi.secondstreetapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-StackifyID
V2|62af0bd9-bef4-4c1f-9ed6-c2ea7d1bbadb|C69601|CD12
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-SS
79
X-Powered-By
ASP.NET
Date
Mon, 02 Nov 2020 15:45:22 GMT
Content-Length
14411

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Server
Microsoft-IIS/10.0
X-StackifyID
V2|89dc8829-6fdf-4d5f-984f-3d871c40ae16|C69601|CD9
X-SS
114
X-Powered-By
ASP.NET
Date
Mon, 02 Nov 2020 15:45:21 GMT
Content-Length
190
vendor.min.css
s3.us-east-2.amazonaws.com/heartland-css/ 		121 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-east-2.amazonaws.com/heartland-css/vendor.min.css
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3d9ccf39c14168986c8c08c9ebca94269c87cfb2db18bb8ca2fc6b85d9511335

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Last-Modified
Thu, 16 Aug 2018 11:42:15 GMT
Server
AmazonS3
x-amz-request-id
7C685D173BD7E520
ETag
"bc620c9f0838faf74af47156629c5cd2"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
123493
x-amz-id-2
2E7lKfag0MmDje7HxfXu35B8iPCAeMBOFFJtZFLUiuGsDxOZs6/6uHCKnCeFfYxrrVZZsvlzOks=
styles.min.css
www.wlfi.com/includes/ 		173 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/styles.min.css
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
94db4ddc3645556e1694e4222fb052423b20485050cc2ed54f4d5117f5619fcc

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:23 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Wed, 01 Aug 2018 18:20:25 GMT
X-Server-Name
az-cmlive19
Vary
Accept-Encoding
Content-Type
text/css;charset=utf-8
Connection
keep-alive
Content-Length
33089
Server
Apache
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
heartland.css
s3.us-east-2.amazonaws.com/heartland-css/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-east-2.amazonaws.com/heartland-css/heartland.css
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ecbf8ef5982068a28613af44ce4955a5d0b19e8c274cb1c39282edd4b9a2782

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Last-Modified
Tue, 06 Mar 2018 17:29:01 GMT
Server
AmazonS3
x-amz-request-id
564EE0C215FB93BF
ETag
"e8dd3f455d5900159fec5be7891ab42f"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
11904
x-amz-id-2
7vbvLvFlH7mdUiS93YtCdapU0DiUjaR2dqgUUzdwk3ukEu9S/fk1pmko7BXHzp0yG4AVtKt3Yj0=
bootstrap-grid.css
s3.us-east-2.amazonaws.com/heartland-css/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-east-2.amazonaws.com/heartland-css/bootstrap-grid.css
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.105.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
94a4f339f46f66d24a75fc71782aab04965fc941e839258905749ecbbdaacacc

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Last-Modified
Mon, 06 Nov 2017 23:25:12 GMT
Server
AmazonS3
x-amz-request-id
CX4W3ZFT6V5H1T9M
ETag
"51db714d43b5e36c818e1dc54d813da8"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
23092
x-amz-id-2
x5Qswl67SmmZcnzEv4oxHhslFKZRsa1erXr/yw/XpJHdJJH4T39jx2pumPH+Xvz88LbCc0yBP3s=
smart-app-banner.css
www.wlfi.com/includes/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/smart-app-banner.css
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
405075821d150ecec62181a1e9afcb5943b14ebe6359a8c7e8264a3aa2f48b30

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:23 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Tue, 16 Jan 2018 16:42:00 GMT
X-Server-Name
az-cmlive1
Vary
Accept-Encoding
Content-Type
text/css;charset=utf-8
Connection
keep-alive
Content-Length
1314
Server
Apache
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2345
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Nov 2021 15:06:18 GMT
css
fonts.googleapis.com/ 		4 KB
581 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900
Requested by
Host: www.wlfi.com
URL: https://www.wlfi.com/includes/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bbd14178882a785cfafcfd78f13f3ced7384e0be71483b9d700fb5915a6bca9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wlfi.com/includes/styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:20:06 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:23 GMT
modernizr.min.js
www.wlfi.com/includes/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/modernizr.min.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
e972d187856b7eecff4edcf05b77397ffd09ffebbe19e44e7153d195d65fd48e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Mon, 06 Nov 2017 11:49:42 GMT
X-Server-Name
az-cmlive1
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
Content-Length
3341
Server
Apache
load.js
s.ntv.io/serve/ 		341 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.236 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14a25c417bcf2315cb0802a430acd5ede7e41519db45e627e67076ae838a2302

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
x-amz-request-id
14C7E71E2E709DF1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
zfWN5axY+kwLSgWwLroU00Wsema1SFdvTH77hcGakDJ5KrCV2pSMjCl44i0GnLds42h+/iMhPHc=
Last-Modified
Thu, 22 Oct 2020 22:24:51 GMT
Server
AmazonS3
ETag
"e159640f9d1610ed3af5a26bd7ca37b7"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Akamai-Path-Stats
[1:148:852]
js
www.googletagmanager.com/gtag/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54612925-18
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d01fcfffd7726fe78ce828c5d6621e5ace667cfc03413ba23b26ef9ad27eddb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38220
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Nov 2020 15:45:24 GMT
gpt.js
www.googletagservices.com/tag/js/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b4e433c6f2335a41dc9a0080c67da3ccdfa21748ea5895882523a77c86e2680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 420 of 1000 / last-modified: 1604318888"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:24 GMT
smart-app-banner.js
www.wlfi.com/includes/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/smart-app-banner.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
c6790a64a8179819745c8ffd13e3b25b2e2e6b7bde326b0eebb1ae5fa05dcb97

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Wed, 20 Dec 2017 13:00:17 GMT
X-Server-Name
az-cmlive19
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
Content-Length
6746
Server
Apache
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54612925-17&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54612925-18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c8bc13e0a228a2f00f0c27e4d2e1711b489924677e1d73cba8836fcd4e973db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38249
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Nov 2020 15:45:24 GMT
script.js
d3gpkdwom7cn1q.cloudfront.net/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3gpkdwom7cn1q.cloudfront.net/script.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:5200:11:193f:ab80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
605be087ed72659e91cb5cb8197edd6bb2c10240427dba6daf12f08bfa3e369d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:15 GMT
content-encoding
gzip
last-modified
Mon, 02 Nov 2020 10:14:22 GMT
server
AmazonS3
age
10
etag
"bd6d9e3fb118de360918c8ffc1b6d43d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
uwYPGSKfPS6v800a4H1gU9tbX_Db9HU8QyczJUgEAlbZOiuauoAEzg==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:24 GMT
1a
i.clean.gg/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://wlfi.secondstreetapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
server
nginx/1.17.4
date
Mon, 02 Nov 2020 15:45:24 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
connatix.playspace.dc.js
cds.connatix.com/p/72804/ Frame 8824
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/72804/connatix.playspace.dc.js
1017 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/72804/connatix.playspace.dc.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1bcbd4f2778db8203f4da2641b15f0a890c7411e8fd70af45afe76c8356b100

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
age
21523
x-cache
HIT, HIT
status
200
content-length
249739
x-served-by
cache-dca17747-DCA, cache-hhn4059-HHN
access-control-allow-origin
*
last-modified
Mon, 02 Nov 2020 08:31:08 GMT
x-timer
S1604331925.664401,VS0,VE0
etag
"9d5aaaa1cad20e0d3721a2072ee443e8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 3693

Redirect headers

date
Mon, 02 Nov 2020 15:45:24 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-hhn4059-HHN
status
302
x-cache
HIT
location
https://cds.connatix.com/p/72804/connatix.playspace.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1604331925.627092,VS0,VE0
content-length
0
retry-after
0
x-cache-hits
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f061763f44a13b00e797586045aeeb9375748030c7eaeb152d8317166998f388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ctNuM0DZzNLKew08GuQz/w==
status
200
cross-origin-resource-policy
cross-origin
content-length
1777
etag
"93edf69f92741d11e18a771ae9dcf5a4"
x-fb-debug
3M6+fCZKK0qPUX85s49xp3Jtx//BRq2bptpEI7/ASn5CU/dhO9ahNfPmZTV34W58/8pfDoOSOwGeZCgGyx/uSg==
x-fb-trip-id
664085054
x-fb-content-md5
98837e438d593211f1b4feccceede156
x-frame-options
DENY
date
Mon, 02 Nov 2020 15:45:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Nov 2020 15:52:10 GMT
s
s.clickability.com/ 		42 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.clickability.com/s?&5=-60&35=0&6=903163273&7=3163273&8=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&9=&10=Contests%20-%20West%20Lafayette%20News%2C%20Weather%2C%20Sports%20%26%20Breaking%20News%20%E2%80%93%20WLFI%20News%2018&11=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&12=en-US&13=0&14=1.5&15=1&16=1600x1200&17=24&18=0.5877024373723234&19=910
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.167.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Server-Name
(null)
P3P
policyref="http://www.clickability.com/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=100
Content-Length
42
Server
Apache
300x100px.png
media.heartlandtv.com/designimages/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/designimages/300x100px.png
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20b2b1f8568946c07b704b2c3c9950063e1ddbbd327876d61cc568c2a2d78e36

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Wed, 11 Oct 2017 19:09:05 GMT
X-Server-Name
az-cmlive15
Content-Type
image/png
Cache-Control
max-age=59
Connection
keep-alive
Content-Length
25960
Server
Apache
480x100px.png
media.heartlandtv.com/designimages/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/designimages/480x100px.png
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7544590c78b18016ce9dce7cf0d82ed45284b304c1b9a61d9128916deb82e8ba

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Tue, 31 Oct 2017 19:54:00 GMT
X-Server-Name
az-cmlive10
Content-Type
image/png
Cache-Control
max-age=108
Connection
keep-alive
Content-Length
53243
Server
Apache
embed.js
embed-740867.secondstreetapp.com/Scripts/dist/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/Scripts/dist/embed.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d072b4dcb2d055934c09956b3c93ec340f2ea05dd13f96ba9ed5f0f333f2b74

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
br
ETag
"02aa2e45eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
81
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
16517
wx_85.png
media.heartlandtv.com/designimages/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/designimages/wx_85.png
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5dc55cd1bd7c526ff0a9fd04a5da7908ca51ab45c13259201f0efc2a259c5a5c

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Tue, 19 Sep 2017 17:01:00 GMT
X-Server-Name
az-cmlive19
Content-Type
image/png
Cache-Control
max-age=149
Connection
keep-alive
Content-Length
5902
Server
Apache
Regional_radar.gif
ftp2.wlfi.com/WSI/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ftp2.wlfi.com/WSI/Regional_radar.gif
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.156.234 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
4bd2338c35b68d4a56104720f04535a6f52d9f736acd22cac1929b37eae40b04

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Last-Modified
Mon, 02 Nov 2020 15:45:07 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
1842888
Expires
Mon, 02 Nov 2020 15:50:24 GMT
DMA_Current_Temps.jpg
ftp2.wlfi.com/WSI/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ftp2.wlfi.com/WSI/DMA_Current_Temps.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.156.234 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
66a36fe5ded06b82e75e7e0dbc9f872c72c731df98b9659ece19991c48d34d6e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Last-Modified
Mon, 02 Nov 2020 15:00:01 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=150
Content-Length
30439
Expires
Mon, 02 Nov 2020 15:50:24 GMT
Day-part.jpg
ftp2.wlfi.com/WSI/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ftp2.wlfi.com/WSI/Day-part.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.156.234 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
2fe10a9dd52bda66c5f1ae7e9e9c2c1bc6f426a0b9e5ebd8e55f808478ecaef1

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Last-Modified
Mon, 02 Nov 2020 15:12:00 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=149
Content-Length
20961
Expires
Mon, 02 Nov 2020 15:50:24 GMT
cw18+channels.jpg
media.heartlandtv.com/images/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/cw18+channels.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a6c0a77a5ec82e2e737a8a8dd60e769367ca0a7123e9ab8765f943134244889

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Fri, 20 Apr 2018 14:32:24 GMT
X-Server-Name
az-cmlive14
Content-Type
image/jpeg
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
30955
Server
Apache
Nike+Haynie.JPG
media.heartlandtv.com/images/100*56/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/Nike+Haynie.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd4a9c6ad9ed8d1142310c8dbf720f06c7667f0e79082a1d71c58a92d03307ea

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Fri, 30 Oct 2020 14:38:33 GMT
X-Server-Name
az-cmlive26
Content-Type
image/jpeg
Cache-Control
max-age=116
Connection
keep-alive
Content-Length
2591
Server
Apache
MGN_1280x720_00323B00-JCUXZ.jpg
media.heartlandtv.com/images/100*56/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/MGN_1280x720_00323B00-JCUXZ.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69b6a51d31c263101f6afd1fb6fc0d7f79a9822c12bf9cf45a657e9ea70f90fe

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Fri, 27 Mar 2020 12:50:00 GMT
X-Server-Name
az-cmlive19
Content-Type
image/jpeg
Cache-Control
max-age=105
Connection
keep-alive
Content-Length
4954
Server
Apache
generic+indiana+flag.jpg
media.heartlandtv.com/images/100*56/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/generic+indiana+flag.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8d194b3256af9a03695bd264c248fac2d681e805aedb94a122b3c878f259a91f

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Mon, 09 Apr 2018 14:18:35 GMT
X-Server-Name
az-cmlive26
Content-Type
image/jpeg
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
1969
Server
Apache
Joseph+Borgia.jpg
media.heartlandtv.com/images/100*75/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*75/Joseph+Borgia.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc045f205bf84193417627551ea72beb98453bf16179ee0f5bc24eee6b59167e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Tue, 04 Sep 2018 10:25:12 GMT
X-Server-Name
az-cmlive4
Content-Type
image/jpeg
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
2314
Server
Apache
Courtroom+Gavel.jpeg
media.heartlandtv.com/images/100*56/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/Courtroom+Gavel.jpeg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
24252790207b514e0113a4b57672ad39fa41985d24b93090ce447b653608eecc

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Thu, 16 Nov 2017 20:53:41 GMT
X-Server-Name
az-cmlive1
Content-Type
image/jpeg
Cache-Control
max-age=275
Connection
keep-alive
Content-Length
2316
Server
Apache
Voting+Sticker.jpg
media.heartlandtv.com/images/100*56/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/Voting+Sticker.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7262428d1786b86c29b0ebf418c3e2ffd704be2c4bf08688f867258a78b5f73a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Tue, 06 Nov 2018 09:32:11 GMT
X-Server-Name
az-cmlive5
Content-Type
image/jpeg
Cache-Control
max-age=135
Connection
keep-alive
Content-Length
2255
Server
Apache
Still1030_000002.jpg
media.heartlandtv.com/images/100*56/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/Still1030_000002.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1705fd91041d316572180ee7ec005a27045627cff93687d0299fc303662c8fab

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Fri, 30 Oct 2020 21:14:37 GMT
X-Server-Name
az-cmlive5
Content-Type
image/jpeg
Cache-Control
max-age=172
Connection
keep-alive
Content-Length
1905
Server
Apache
coronavirus+generic.jpg
media.heartlandtv.com/images/100*56/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*56/coronavirus+generic.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ab8beb65b0cd93170d8b233df1ed4eeb5158957f2ef3e454e8eed342247f2b8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Wed, 11 Mar 2020 19:55:59 GMT
X-Server-Name
az-cmlive15
Content-Type
image/jpeg
Cache-Control
max-age=224
Connection
keep-alive
Content-Length
3496
Server
Apache
WLFI+logo+generic+defualt.jpg
media.heartlandtv.com/images/100*59/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/images/100*59/WLFI+logo+generic+defualt.jpg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b3afcbc4473e13b6c6ec68e60de818026da8574b596dfe51838ce88615265a7e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Wed, 06 Feb 2019 14:50:04 GMT
X-Server-Name
az-cmlive13
Content-Type
image/jpeg
Cache-Control
max-age=300
Connection
keep-alive
X-Akamai-Path-Stats
[3:91300:700]
Content-Length
3333
Server
Apache
9960a36aaf5345f8829763202f458fc7.jpg
video-static-01.clipsyndicate.com/24bc/2020/10/31/02/37/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-static-01.clipsyndicate.com/24bc/2020/10/31/02/37/9960a36aaf5345f8829763202f458fc7.jpg?co_id=49
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
a1290b56a45aaa60a64d22693d5dec57473cb433915f4bd8a5f1358508b5968a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Last-Modified
Sat, 31 Oct 2020 02:37:54 GMT
ETag
"1604111874"
X-HW
1604331925.dop026.pa1.t,1604331925.cds210.pa1.shn,1604331925.dop026.pa1.t,1604331925.cds038.pa1.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
37666
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.34.73 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C27) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
603922
x-cache
HIT
status
200
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (mil/6C27)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c0b68b2f-a01e-006d-3eb1-ab4c46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
optin.js
embed.secondstreetapp.com/Scripts/dist/ 		176 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83835f07531a2fa62871c7a60465b56be21f400f657904a9552bf0c94e485f60

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
ETag
"02aa2e45eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
114
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
51758
tether.min.js
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
326524
x-via
cfworker/kv
status
200
content-length
6714
cf-request-id
062b3b84b70000178e8f9cf000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:00 GMT
server
cloudflare
etag
"5eb03ffc-619d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KkPUUkR15uT2%2BfSwZzRAtUuFJaQn%2FnnnqMvHFBf56sxTImo1GXhheO4yZjn4szlaNhLtL%2FhQJArI5JojpAV5R40xkw9%2F5wOYuy2w2vjgSl7MrfaqvC5OW2bszUZPFaZ0Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ebefb8119c3178e-FRA
expires
Sat, 23 Oct 2021 15:45:24 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:52 GMT
status
200
etag
"1544639632"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
13105
velocity.js
cdnjs.cloudflare.com/ajax/libs/velocity/1.5.0/ 		197 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/velocity/1.5.0/velocity.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88a056eed7fc9dd598f345ea866f324ddeec180e3c5976083257a1cd847d568
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1018474
x-via
cfworker/kv
status
200
content-length
46474
cf-request-id
062b3b84c90000c2ae75ae6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:30 GMT
server
cloudflare
etag
"5eb0401a-312c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oIyc%2FE2fn%2FytKVQHd3Jt%2BKTYEEiqI2nRLdMfQjogYsH4sHCQZ%2FZVk601B7HUM1AkVl%2BiiJPhJPZlRBMWk743xBXqa%2BmqdkFWqF%2BJ3po2mQcZQr6uEz42vKxGppJ1jbsetg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ebefb814f06c2ae-FRA
expires
Sat, 23 Oct 2021 15:45:24 GMT
scripts.min.js
www.wlfi.com/includes/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/scripts.min.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
13575e4e85121b088ab9dbdca88b8e29ced12719214a228c9b3b09d544d0a18b

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Sat, 23 Sep 2017 12:59:26 GMT
X-Server-Name
az-cmlive26
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
Content-Length
3604
Server
Apache
theia-sticky-sidebar.js
www.wlfi.com/includes/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/theia-sticky-sidebar.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Tue, 05 Sep 2017 20:51:00 GMT
X-Server-Name
az-cmlive1
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
Content-Length
3547
Server
Apache
jquery.cycle2.js
www.wlfi.com/includes/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/jquery.cycle2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
bfc870ffd2897d5f380be0b95e89a4ffd7f1cdde24ba00fcba21e20524bcf70d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Sat, 23 Sep 2017 12:12:38 GMT
X-Server-Name
az-cmlive10
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
Content-Length
7109
Server
Apache
jquery.cycle2.center.min.js
www.wlfi.com/includes/ 		906 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wlfi.com/includes/jquery.cycle2.center.min.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.222.233 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
ab6c4fd4bea57a49ab8d190552d6dcaddaf54accf6ccc8e135175c9181e4ae6c

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
gzip
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Mon, 25 Sep 2017 12:04:28 GMT
X-Server-Name
az-cmlive10
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
Content-Length
492
Server
Apache
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
W/"5ed917ff-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Mon, 02 Nov 2020 15:45:24 GMT
x-host
s7.addthis.com
content-length
116324
x-akamai-path-stats
[3:136718:6282:-],[3:146119:4294816177:-],[3:139863:4294833433:-],[3:138104:4294825192:-],[3:140561:4294828735:-],[3:137791:4294827505:-],[2:139734:4294829562:-],[2:139811:4294827485:-],[3:143228:4294827068:-],[3:139943:4294824353:-],[3:146268:4294824028:-],[2:143741:4294819555:-],[3:141847:4294827449:-],[2:139981:4294825315:-],[3:146025:4294823271:-],[3:140560:4294826736:-],[3:139414:4294827882:-],[2:139428:4294826868:-],[3:140060:4294827236:-],[2:139708:4294827588:-],[2:141827:4294827469:-],[2:142699:4294826597:-]
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v2/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v2/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83989511162f4870eec741186b1f61e347cf37e3d54da12035a90da2836965cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 10:53:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:09:04 GMT
server
sffe
age
276719
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20136
x-xss-protection
0
expires
Sat, 30 Oct 2021 10:53:25 GMT
feather-webfont.woff
heartbeat.heartlandtv.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heartbeat.heartlandtv.com/fonts/feather-webfont.woff
Requested by
Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/heartland-css/vendor.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
50.28.54.68 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
0999a7c80d428aca7048c17797e42ce94804645b674c923e242bce46eacff4b7

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://s3.us-east-2.amazonaws.com/heartland-css/vendor.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Last-Modified
Mon, 31 Jul 2017 10:41:47 GMT
Server
Apache
Content-Type
font/woff
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12936
t
jadserve.postrelease.com/ 		97 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ntv_mvi
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.93.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
108
expires
Mon, 1 Jan 1990 12:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f28b97ebae9bbdf17d5ac7fa94f437e5&ua=modern_es6
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9d749d9a2487da8156f8033dcbd23cb363f21f234048713004f5d73df0bc7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8I1sl6CEB4TQFctyt87jxA==
status
200
cross-origin-resource-policy
cross-origin
content-length
60127
etag
"1293d8f246dc9e1fdce5f3bee166cdc4"
x-fb-debug
CHMgTVRg/c2LuaJA9pFwmNWq1EXCAcWkCDIncnRQAfZ+6mVLkZwkhMM0vAzPwOSw9DFzexWWosJOSzL/6EO0Tw==
x-fb-trip-id
664085054
x-fb-content-md5
887d23f261788f36f76dffdc849c690b
x-frame-options
DENY
date
Mon, 02 Nov 2020 15:45:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 02 Nov 2021 15:12:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1776
date
Mon, 02 Nov 2020 15:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 02 Nov 2020 17:15:48 GMT
collect
www.google-analytics.com/j/ 		2 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=225910251&t=pageview&_s=1&dl=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ul=en-us&de=UTF-8&dt=Contests%20-%20West%20Lafayette%20News%2C%20Weather%2C%20Sports%20%26%20Breaking%20News%20%E2%80%93%20WLFI%20News%2018&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=379188689&gjid=585196402&cid=131401762.1604331925&tid=UA-54612925-17&_gid=2131818986.1604331925&_r=1&gtm=2oual2&z=1345097175
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-54612925-17&cid=131401762.1604331925&jid=379188689&gjid=585196402&_gid=2131818986.1604331925&_u=IEBAAUAAAAAAAC~&z=1368619467
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 Nov 2020 15:45:24 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2131841799352984&correlator=3249050733043884&output=ldjh&impl=fifs&eid=21068381%2C21067193%2C21067576&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=30582678%2CHTV%2CWLFI%2Ccontest-scrape%2Csticky-footer%2Cbouncex&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=970x90%7C980x30%7C970x250%7C728x90%2C970x90%7C980x30%7C728x90%2C970x90%7C980x30%7C728x90%2C970x90%7C980x30%7C728x90%2C300x250%2C300x250%7C300x50%7C300x600%2C300x250%7C300x50%7C300x600%2C300x250%7C300x50%7C300x600%2C300x250%2C300x50%2C320x50%2C728x90%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Dhtv-top-1%2Cad-stack%7Cpos%3Dhtv-left-1%2Cad-stack%7Cpos%3Dhtv-left-2%2Cad-stack%7Cpos%3Dhtv-left-3%2Cad-stack%7Cpos%3Dhtv-right-0%2Cad-stack%7Cpos%3Dhtv-right-1%2Cad-stack%7Cpos%3Dhtv-right-2%2Cad-stack%7Cpos%3Dhtv-right-3%2Cad-stack%7Cpos%3Dhtv-article%2Cad-stack%7Cpos%3Dhtv-weatherbox%2Cad-stack%7Cpos%3Dhtv-native%2Cad-stack%7C%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1604331924&dt=1604331924796&dlt=1604331923234&idt=1533&frm=20&biw=1600&bih=1200&oid=3&adxs=15%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C0&adys=96%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C85&adks=2316703438%2C4150103559%2C4150103556%2C4150103557%2C2880255473%2C405586352%2C405586355%2C405586354%2C547587423%2C497834419%2C3551605349%2C3293468341%2C1627279807&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&dssz=36&icsg=8744&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x114%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x1286&msz=1170x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1x-1&ga_vid=131401762.1604331925&ga_sid=1604331925&ga_hid=225910251&fws=0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
f07d4cbb3a7aca1d743601bfdb3650ab447103e86c617faaea1fb561a26d4c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18529
x-xss-protection
0
google-lineitem-id
5492123037,4562603253,4562603253,4562603253,5492123037,5492123037,4562637344,4562637341,4562637341,-2,-2,5359586384,5364513263
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138325364408,138223772064,138223772406,138223772376,138325364402,138325364405,138223789649,138223788935,138223773255,-2,-2,138310383214,138311105167
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2766b4e2b6209a87c1841096e1cc5929.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2766b4e2b6209a87c1841096e1cc5929.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/ Frame 5058 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16f897844ba0eac70e8c266a38d132f5cf7d60d5dd0feedfa3be2be75ed56f31

Request headers

Host
embed-740867.secondstreetapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ga=GA1.2.131401762.1604331925; _gid=GA1.2.2131818986.1604331925; _gat_gtag_UA_54612925_17=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-StackifyID
V2|2327d064-242f-48e5-a6f1-06c9df08a4f2|C69601|CD14
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-SS
81
X-Powered-By
ASP.NET
Date
Mon, 02 Nov 2020 15:45:24 GMT
Content-Length
1370
7Au9p_AqnyWWAxW2Wk3GzWQIElsO0w.woff2
fonts.gstatic.com/s/mavenpro/v21/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mavenpro/v21/7Au9p_AqnyWWAxW2Wk3GzWQIElsO0w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9de1647d3164a0fa89ac17c1f9d148f330c1add59e3fde51b7c7cdd28008968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 19:59:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:08:59 GMT
server
sffe
age
416734
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18292
x-xss-protection
0
expires
Thu, 28 Oct 2021 19:59:51 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
262424
api.secondstreetapp.com/audience_signup_widgets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.secondstreetapp.com/audience_signup_widgets/262424?callback=secondStreetOptinWidget_262424
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.19 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2602c63d3930675fbf9ca4b3faeb9b6b89900abca7931aae7c40a0346962a3ac

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
br
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Age
162
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
81
Content-Type
text/javascript; charset=utf-8
X-StackifyID
V2|0ee3db43-e1b1-4e5c-a663-a64e8ceaa116|C69601|CD14
Cache-Control
public, max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1387
Expires
Mon, 02 Nov 2020 15:52:43 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c972f1d21c8fe8e9c079da22e482193d7389b1ae00d4e3ab13f89e1b862c033

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		970 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca81f106003c068d1677491149477d9b9845215eda925e0925119a2e1bc1b35a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-96.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
6CDA04CEF72D568E
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=30609
accept-ranges
bytes
content-length
948
x-amz-id-2
vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=
sdk.js
api.traq.li/public/sdk/v04/
Redirect Chain
  • https://api.traq.li/public/sdk/v03/sdk.js
  • https://api.traq.li/public/sdk/v04/sdk.js
43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.traq.li/public/sdk/v04/sdk.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7c1ac07d8f07cff11fe8c359fc922fe3fe349a30449df29561825355eb622b

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1771
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-traqli-node
1
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
cf-request-id
062b3b87ff000017725e027000000001
last-modified
Mon, 26 Oct 2020 09:57:08 GMT
server
cloudflare
etag
W/"1bbdd-17564570e17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5rXgxw8P9Wo09PFMEB1mjEfLIyesicBR8zSCaFrcxx4SCV7SWiUAn%2BJcS2MBSePmgrTU6bBiZi5aQo1ix7PBFMdAWkj5CbJ%2Fs8l041GXlWc4Erm%2Fw3mv0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api.traq.li
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
5ebefb866e2a1772-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 02 Nov 2020 15:45:54 GMT

Redirect headers

date
Mon, 02 Nov 2020 15:45:25 GMT
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1335
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
301
x-traqli-node
1
content-length
56
cf-request-id
062b3b875d0000177223bda000000001
server
cloudflare
location
/public/sdk/v04/sdk.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0wTg6DZ0BCzWjbarIGJZtzsowrkCCu7uSnmS4dkHez%2FvdeR9N0IINXCHTI2PFhwOlWDCM8VJrmp4uO8JCikHGUPBYA887n1Y0FqbLRrzxJ%2BI7jgU5hBZzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
api.traq.li
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
5ebefb856c0f1772-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 02 Nov 2020 15:53:10 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-59e4f963a42680e4/ 		1 KB
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-59e4f963a42680e4/_ate.track.config_resp
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37a8e6356d0bc78cc0edf94148cd4fbcd79e4f7bf50634fe0829b75501d1ef26

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
etag
305440713--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
539
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=5fa02995594efd26&bkl=0&bl=1&pdt=2723&sid=5fa02995594efd26&pub=ra-59e4f963a42680e4&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=wlfi.secondstreetapp.com&fp=What-Are-You-Thankful-For-Photo-Contest%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1604331925320&jsl=131201&uvs=5fa02995fe0b46f3000&skipb=1&callback=addthis.cbs.jsonp__86567242185225420
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
399419ded7767fb642e1af81a330a4f9ea2066cf6fb95934bebbf7ff67d2ae19

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 02 Nov 2020 15:45:25 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2A29 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2A29 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame ECEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
server
nginx/1.15.8
content-type
text/html
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
etag
W/"5ed917ff-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Mon, 02 Nov 2020 15:45:25 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
pw.js
cdn.includemodal.com/ Frame 78CB 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331925.496280,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
32
view
securepubads.g.doubleclick.net/pcs/ Frame 78CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuauBbsAfvsWOTYDwS5p9e0YpU4agya-mF1enhXEA79WZz6rea9Hf7nY1FId4HDMsrUkz227_G5Uqn5-GmwUtHwIxJM-J7iP5-twYYq514EYXBqGYDz9BKynAX6CExzB0lpVyKfuvU0zsy6Y74wqYO1HoHP-pQkLlR1W9pCeTruVk9n3rY8EsEva_PzJEBVHZXzCK1_Yc7h8omdA9LXjwqPAaREglIUXcz_jOooIc4AQoxc2sGf4CeW-47SCk5t6MLjTomobjEX220A-s1yV95t7zvo0jOiolY&sai=AMfl-YSVe1RNTIbQ3ORFy3_VITr1iVhVkLAMVDH7R_9sf4xf3Y2ENJneruGl30VSJP6r1rMN3i6kb2uyq701Zj_C5UyRFLnWSGF0V75BAiULBQzb-HpWRBMeMPIlgDwFS8py&sig=Cg0ArKJSzCsbLjNgBD-rEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame 78CB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:32:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 78CB 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
7542469207413560373
tpc.googlesyndication.com/simgad/ Frame 78CB 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7542469207413560373
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f566aa0a16f541e7638d2785350fbd23efe9f98a6da87eaf7185aa8c9f940198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 16:11:08 GMT
x-content-type-options
nosniff
age
257657
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32887
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 16:39:26 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Oct 2021 16:11:08 GMT
pw.js
cdn.includemodal.com/ Frame BBEF 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331925.496410,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
33
view
securepubads.g.doubleclick.net/pcs/ Frame BBEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZAn5unWMzDKpBWNVhvvaDqJ_hpIKrpMUNq0JBAGk8gtfwV9nIXfwREHCl3iZINbZYrCSJyTC-5pEqJfuB1dtPP0A_ua7h5hj3mewqwINKgtcZ6Q2BgG7G8VTUqKnlQT1-Y4luID7rrg8VayPBfJ8ICkbQqXr6QrpbCUruXdwapBt2sbb1x3Q4fA_SAstc-MyY4hj929n7SQIASOcgVc18hij6CXCfh6s6_a-GOkGp2zDllCQZbjzK2bU6a__ehW5tsX8mzMhGYac6aisbEsRthzJJfBWzHEYcd1GS&sai=AMfl-YSkdGtua7s4g3LUSq7J1onns2VK0HphNYzQmMOphYrNBRdYt0yOWQwiK8xJs1mBHw65uw8-HqtGncu6b_G9cxT4nEVjHFc8z9aluEuwl_c0U3X7_l4qZ9y3Sor_fCJL&sig=Cg0ArKJSzMVi53qSmOoyEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
RenderAd.aspx
ads3.mthsense.com/ Frame BBEF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=4648&width=728&height=90
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29af64d9e05831fb1f801067a405e16c68707b795e29c462190f8f2734f957c9

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
2852
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BBEF 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
pw.js
cdn.includemodal.com/ Frame 4048 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331925.496404,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
34
view
securepubads.g.doubleclick.net/pcs/ Frame 4048 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssirYCcDE_s-Cw3ydqU8g2doBtRBLziG-VYPB8QbSwfYvW6eWAkbj66X_MZv490gKON4WLtCC3RXZrcc6BuS_-sfbvNgNWncbX8zymEYEjyz8PgMzqvRrwe9agWZrVEhCNEEiUyll-uEz-9nwz79aIs-YHHcn1VEEumV04p9j_6aIR52HQfaxTSlC9RWWwUSZe_QYJn1oYMUQptsBRuTu_iF3zhctbgFuljzuwjQOIx6x_-3ftCCzfjST9r_bFNgXsstEroLDJ_rrWo5vP6Mw1793sm4Y7xsP2G&sai=AMfl-YRdr0iTgjgrFJOfMbjjL84nEQnjvGnnZQGWU5rkoa897FDyOTfM6raMFw9HsXbvPwv6E97otZ1TnIkr5lKUwa0XoLvpi4fkkze-QJ39C01qWMrpT1zcXxLo5SeugHg2&sig=Cg0ArKJSzG4pZaUK1YaIEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame 4048 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:32:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4048 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
l
www.google.com/ads/measurement/ Frame 4048 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUCupEY9swezJKdtNF3DDN22AbkkJ3OxnHan5PJ_29mZxGAfXc-b1LdmraE-FilBQWLv7A
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
15478559635296806638
tpc.googlesyndication.com/simgad/ Frame 4048 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15478559635296806638
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cb5de3827822b6fde534bf840e5aa508df38c5c501e69c01092922468a13c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 10:56:46 GMT
x-content-type-options
nosniff
age
276519
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31608
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 16:39:25 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Oct 2021 10:56:46 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
pw.js
cdn.includemodal.com/ Frame EC89 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331926.575026,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
35
view
securepubads.g.doubleclick.net/pcs/ Frame EC89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2txlk-28M0tsab0AYggoknPga4hSSXwRicXWO8-Rqa8b2kwxAPWbnSB9X-WhxdGwAFiz64CxqwomtiS-BC8PjQN-ta7xZsQAAPckkP61h4YDe4isHk9AF3E8pHZhSJr0dIhifCf-BB1FmAo816LFjfHD92eFO0CHW_C8MMNJl0VApsfgEftnFIH4f888TXgLqO2k7ba2nklixznHOs82Ebfmyh7__TQR69_W-wLLUUYNyE0hKsOKPGE6xRQY4MKZp9hyyBn-gyE1THm3T6bhcA3RsCzBuk5tP&sai=AMfl-YQkz9PtZ31gmt7WGkq_sU_f6-8MjmIbGB5Gpe8_veqUepFNJXoLUwpG15rzk5l6HLsxO5NiwZVY5vcuFOjTTDsN8UNtl_b2IQJUdpI8Z0e1uoiU2sYg6j9Vo_Eq4diJ&sig=Cg0ArKJSzLqcr-SwZJ8MEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame EC89 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:32:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame EC89 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
l
www.google.com/ads/measurement/ Frame EC89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzG_N88KH7OcFDLKZPXlcq9LkpNLBEIY4I_Yl44vCQlZ3uUeGWNDQl2e1jNFQUDXdJPWHr
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
11185791627173294115
tpc.googlesyndication.com/simgad/ Frame EC89 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11185791627173294115
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89bb443ef7d0ff12aebca01a3bbe7e1325eb4dc2535ed55a4c453c83a3a9f2fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 10:56:46 GMT
x-content-type-options
nosniff
age
276519
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69710
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 16:39:26 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Oct 2021 10:56:46 GMT
pw.js
cdn.includemodal.com/ Frame 6821 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331926.603755,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
36
view
securepubads.g.doubleclick.net/pcs/ Frame 6821 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHdARhe9xwDyGxpubjtaWwZ40CBmI8pwhz9lBfjozx8AZKQDCiF2fFWZSRqyPAOtfkM2DdEXf46vaT1pkBuzfQ3fSSYB4--0f8y75140yI1RZpHa_0WH8TdVVYKy3Pm1S6kxhwoZEtP-YoxLRQlQ5rSIZ7AZmYdpGb0cDKQ1IAgbprb5D7ir2weAWqEVgXKJpJL0NjgIDB4HsX_ZmsFI89DEN6klovTSM4g7Fdzzhc8vwEOkLD7WoVhik-fILEL_SBULaXIK0hQT4v4nyxH54Oc3ziH3RGZzSPiT_Y&sai=AMfl-YT0al_cxGU2pTerH3k0xdMKnpkp_sW7mtPXve39qsFK82p2mGQWMfPM1U1OykkKvRQ86VKBCcOUaUju9UZXllEJlMOpMSuiRI9u9xP7ZOP4-RgoMjvUNiT6I7KWcOhD&sig=Cg0ArKJSzN4Twu7F92QVEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
RenderAd.aspx
ads3.mthsense.com/ Frame 6821 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=4650&width=300&height=600
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fce8bd7c0fa87fe97c51cc3bb1f9fb2757aaef34cff93b93206fb5c20789b10a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
2886
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6821 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
pw.js
cdn.includemodal.com/ Frame 7F48 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331926.625832,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
37
view
securepubads.g.doubleclick.net/pcs/ Frame 7F48 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqCft4bkxHyC0ne8S1V5aIz4-_sVYafDayqeUhKxtqNg9B24SMQ5tV4E-tEY3mGCO8-Vu5gSKM6wIleMazyH24e6NrAEYCvpSp2uHtYjbg1miTgtVNYYe5S0QKlzS2jJdRjLDhLXgrf0QW3rzYvQ3Q6DVYK7R5pvFsoqauCWZDXjE2he4kjgSf2mUAZ5jnyS8vtn6N5Y0E96y-aWXDgLjYwvoqyUm7XwOcvXHl8uY2Xj-OF_TmOYCIXTD_SctWsIcUbhtjzDjZ-8ViAeIxyhLkAPqvuKtAgLmgvZ3m&sai=AMfl-YSuUc322PwrhWg5VGIUTukPeFO-vHhTr-jfvJE4YAZT91AzzrOfnyA5XvBog_ibhcXxkfwz6rQuXBn7odGmtEV-VlC054U6q0_w14B8RBGOR7_aOd390jFYazF1c_Nh&sig=Cg0ArKJSzJ4j0ZSJbFu5EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
RenderAd.aspx
ads3.mthsense.com/ Frame 7F48 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=4646&width=300&height=250
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff01f3649ed87a82ef88d8df3c6ec42eaf0b97a5b5ab42788142d0379bd7be1

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
2900
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 7F48 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
pw.js
cdn.includemodal.com/ Frame 4790 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331926.652095,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
38
view
securepubads.g.doubleclick.net/pcs/ Frame 4790 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK1GIsO2NiKAoEj037zIm99xZULZg-TT8yGQ7gtE0CPk6b_UgYrKT04Mp20bMGX2UWSvB5IVp3_hDTc5-7gRimL5HbyGi1gOb6R4qC3_M4wFWhncbfDs-06AVjSPzA1QYk8YhptKDkRnZrB8XH0nsTubHUfP9p9ZWjkAjUuPHNDXsOSAp1H-OxTMbM0AsqsZVG82VmyW7Iu0GVIugIeuFN3w2kxOF1ULR6LVQHugJ0q9WxPT8iXlGubIId12S-VLVpsCKvx_eL21gr5CvLT720e920OHcnTZtqEYA&sai=AMfl-YQE96YrLTf2rnTXrvtD7PT7d-mekcB8UPCtqL8V5Hp9aK8W_PWP3n-bgEypr-6qdwPqD0s5AL_p1KqMH96qV7hJHPsYAhhao8Mf7i-YcOqce9u7HwCMVSkIz1mdmk7p&sig=Cg0ArKJSzDe6F_XYttcIEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
RenderAd.aspx
ads3.mthsense.com/ Frame 4790 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads3.mthsense.com/RenderAd.aspx?id=4647&width=728&height=90
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
011cbab5cc3b0e3b55df7de88cebda23d4e71cd6114154f6e38ef4aad6a0c979

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
2853
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4790 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
pw.js
cdn.includemodal.com/ Frame 61AC 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
age
1115
x-cache
HIT
status
200
content-length
18105
x-amz-id-2
tAMMdaVyQSAMlC1fhkEn3T+Af6hwAKZNsxXfiL+BZZM+QjoKdAFaeKJZHWJnDHlakTc6F7IhDDQ=
x-served-by
cache-hhn4034-HHN
last-modified
Thu, 29 Oct 2020 15:24:12 GMT
server
AmazonS3
x-timer
S1604331926.675300,VS0,VE0
etag
"9162006bbc00f7524c8249ff11be952e"
vary
Accept-Encoding
x-amz-request-id
09DB3DF31D3EDF17
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
39
view
securepubads.g.doubleclick.net/pcs/ Frame 61AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvj4MmH3z7Ea7K66rKWhZeZRtUd4ZrBELfXbTWtIn1dY7X7457EFctXniu9bmr77PlxTFtnnRPjY1sURdoFRKYlMNSYcd2V0YRtpE0hC1H2oQ_0_7JwYVHKYifeQ8CQV2ye2YVX8WVZteklRdPPK4Wb7XqFy6lZOoXqGZDh9SPot3VNCOEvxPOuS4SI2joAUaFrjpJkOc0fyUeFCOHm04wteRNqJxj_XEYYaCTFC0dvAP8si21F4-VCH-SqoYz0U62Slz0eaR6B9K3LWRytB7EDH1Y&sai=AMfl-YSKZIhpcpjVJSp-9Z6jJ3SW6P_4FmK-9xoUE2sA8mhHrkBy7rF9XHwLGoeyq2WT9jW_LKrIoM8lCZxdw1DKgUAi5oeAMSyYB7Qbcc_6yirwhBn5WGe-ew-Y4u4lzHKx&sig=Cg0ArKJSzBrOpNOyL7Y8EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame 61AC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:17:00 GMT
content-encoding
gzip
age
1705
x-guploader-uploadid
ABg5-UzUHbDksmVNeP5SBOHDrZn6p4jS02_h4pklYttKm8elWH158eYMxlKsyOck9HMUQ1PwOewq5GIpN-uD_HKmx2U
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
539
last-modified
Thu, 25 Jul 2019 15:10:59 GMT
server
UploadServer
etag
"0cfef24c569b42826ee2e88465d4bfb6"
vary
Accept-Encoding
x-goog-hash
crc32c=DjYwig==, md5=DP7yTFabQoJu4uiEZdS/tg==
x-goog-generation
1564067459897939
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
539
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 02 Nov 2020 15:47:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 61AC 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 78CB 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwqFmIJIIdZLPxb4Eh8dVBG_OFBRGVMF2OLivy1DKF1ov7dfwWmJ26stCUNQQh8kSCq5-yKZNvzAPkuSBPRGY33Nfw9z2kpL2npzg20VKHrOLMGhx6x32v9Wep_hlN713TwMuEzxUzbiPVom5FuPGzBl85z0fY_P4VH45Qd9hXT1Q2O8ASiZdMl07ALG_H3BAIZVWthRtn1uVQ-st32er3w_D4LkXsEtaqHD5N41yk75f0VSqFrzwaduaNW5sj21RQjDcm89KN1-iHzGg25cD36fjzk5ueb5spJSM&sai=AMfl-YQe7JxgaVhwWqSexSQ7yeXHglCABorre9cChoZjAKdNI9rO3nTph_SkIYUGZ8xCAhXEe7H39l683BN2WmqGjddW1KGVSeilZVz9RJ1_meieFzLLecsG3Tkw0MYZoAgk&sig=Cg0ArKJSzAlndfFuaepcEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 78CB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1227d872251976c05ef67c188eea8664a0594f235bd85135f683a69c97838aff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
widgetinfo
p.cityspark.com/api/widgets/ 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9791&callback=jsonp1604332301099
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4ac8fc0bd7622be857cb1513f3fd5b95db60201bfa34abc1ac6e60d870b64497

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 4048 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvelqns5xl1gR_jtKFIoZrk8MF72TNLu_NJckF_IhfN9PR4DR9v7sR2INcTjEdGYp7bFKAtN_J5Haf4P0pKzjLkKaX2ygq0Ff11a_R0c5MMN9uKZx02q7BWM23SI-XxXcDNY_LYLP5MoJfKET37NYVDtYnSvanqbRjeTjlTtacLm5kOYg_0zY49zF7jxogFf7KpNOVbbl_WBn_2dsGjOxyPJY3a4xPnFGup-z0aVo3kivRWeldi5W4EqGha5vCbvkGOAuYqPExRzoBzqvtvm9uc_2GRvHNmurGVLSE&sai=AMfl-YRt4dAq9F2A_weGhBJVR3PwkHmoBnyINwxiUW4BpUvCrVkezziliMgd7W17D7HQV1ECllLV8bMGod15qt6yU6UjDaHn-kaA7i035zKBoHFo6QY52bEPKcyRJGjlwW-J&sig=Cg0ArKJSzBdREZG8b920EAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 4048 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b4aaefb456e6026470a1c4fbfd88c75b5f94f69bc6abe607772080f2991fea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 21BD 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c38c25c07bab6ed7b15cc489003e2d4f6c1c287ca083304f802781853b3e5aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:07:47 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:25 GMT
truncated
/ Frame 21BD 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
640x380px.png
media.heartlandtv.com/designimages/ Frame 21BD 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.heartlandtv.com/designimages/640x380px.png
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.8.5.15 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-5-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4cd76d98842711c380e2596b86a2b9d50e464d144be1b51e50d853f7709dea5a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
X-Cache-Lookup
HIT from cache.clickability.com:3128
Last-Modified
Wed, 11 Oct 2017 19:09:43 GMT
X-Server-Name
az-cmlive10
Content-Type
image/png
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
217401
Server
Apache
view
securepubads.g.doubleclick.net/pcs/ Frame EC89 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuq1asIXupJXP4TiiLwqY8tRYGK9STjBSIIyLfOOyaPqsWztQw19qbRAaVf6l8hFxz3Vhykx8neHSgYAG-94USPqELtmBFJ8kYNRt3cNumiBGtQJKshU8dHjH6GsS5yfCnq_qOq4OPD_ybMuP4eCiAzYPFKGQC0FY6H7LGQrpLgMdTUTGhddGlCmpb7cOz60-YNvJEPVsf4HYAxmlMcvC2DS6ohRehZASaqIBsYjerokaKF-MFn9iyfYByc5C_fDLWkd3QIVgceBAwZw4E3ef6fzIu5PRN7F_LEFUI&sai=AMfl-YR02kc_07ILNB8RqyhtxG0irnCyQ8jK38San1nMtDPip3Sdwiahpjzacwbafqkc1Hi99QWsjUZp9kMigXFnfaPB5y1y31EXwB2dzKePEwc3cn5doEygParCNo0YbGOx&sig=Cg0ArKJSzKOmGEsXYu8lEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame EC89 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36ec64c3d76e5733b56f4bfefc2daad2747ae84dab8c6a956d9a6c3730a962db

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
icon
fonts.googleapis.com/ Frame 5058 		574 B
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:45:25 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:25 GMT
css
fonts.googleapis.com/ Frame 5058 		1 KB
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a28d546d5489884daf32c46095e10218620d6a63de20e146b38ec3221cbeceb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 14:12:32 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:25 GMT
css
fonts.googleapis.com/ Frame 5058 		7 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,300
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:43:23 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:25 GMT
vendor-eced47f87727aa83643e3f88acb4cfea.css
embed-740867.secondstreetapp.com/assets/ Frame 5058 		271 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/assets/vendor-eced47f87727aa83643e3f88acb4cfea.css
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
160a73fe571a0e5c8e38d72b5f44165fe8bb4ffbdb4a5dd69fc25c3e5621d686

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
br
ETag
"0fd70e35eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
81
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
17946
consumer_entry_showcase-06b291b9de861bf802f8dc129279a906.css
embed-740867.secondstreetapp.com/assets/CSS/ Frame 5058 		318 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/assets/CSS/consumer_entry_showcase-06b291b9de861bf802f8dc129279a906.css
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce90bd65a61812a050a998cc5c73d30350d4ab3a0f1ed7d27e1fec4d6c777c4d

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
br
ETag
"02aa2e45eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
81
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
sdk.js
connect.facebook.net/en_US/ Frame 5058 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f061763f44a13b00e797586045aeeb9375748030c7eaeb152d8317166998f388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ctNuM0DZzNLKew08GuQz/w==
status
200
cross-origin-resource-policy
cross-origin
content-length
1777
etag
"93edf69f92741d11e18a771ae9dcf5a4"
x-fb-debug
3M6+fCZKK0qPUX85s49xp3Jtx//BRq2bptpEI7/ASn5CU/dhO9ahNfPmZTV34W58/8pfDoOSOwGeZCgGyx/uSg==
x-fb-trip-id
664085054
x-fb-content-md5
98837e438d593211f1b4feccceede156
x-frame-options
DENY
date
Mon, 02 Nov 2020 15:45:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Nov 2020 15:52:10 GMT
vendor-501a1eb72ff219239064dbcd51ee27ca.js
embed-740867.secondstreetapp.com/assets/ Frame 5058 		3 MB
549 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d146b4113e4ea614f0dbaea9beb152f8658ba9daa61dac225befce5bfc5a5b0e

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
br
ETag
"0fd70e35eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
79
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
562233
consumer-entry-showcase-631f5ea74cfe98351433c34ba263dcf8.js
embed-740867.secondstreetapp.com/assets/ Frame 5058 		586 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/assets/consumer-entry-showcase-631f5ea74cfe98351433c34ba263dcf8.js
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6dd569c8cbc3f88c653f9e57f45f78b0cac0e1c2752f4156d713b949779b83c2

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:25 GMT
Content-Encoding
br
ETag
"0fd70e35eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
83
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
76123
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 78CB 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
ibWaCQe93fBiO8skrTRDxBWPOXskItAGrs5msTrnLaDazHBeOal2yA==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame 78CB 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=646382&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
266
api.traq.li/publisher/fusion/lucid/data/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.traq.li/publisher/fusion/lucid/data/266?email=&visitor=&stored_visitor=&tqid=
Protocol
H2
Server
2606:4700:e2::ac40:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://wlfi.secondstreetapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age
86400
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-traqli-node
0
cf-cache-status
DYNAMIC
cf-request-id
062b3b896d00002bb93a9a9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=unjKt6LlPri8%2Fm2iP%2Fe9LcDlPQBtI8f0iYrmsmhzphdAv9JnBVW6K3c5Wrc8XRXlpkj7qjm2yvuKH9dMgxqpFSaNlZmGYcM974hz2GR7lozb1CcmTyAL%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ebefb88af182bb9-FRA
266
api.traq.li/publisher/fusion/lucid/data/ 		89 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.traq.li/publisher/fusion/lucid/data/266?email=&visitor=&stored_visitor=&tqid=
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e057b83d7b8c6a14b6daaa563f235b2ad3e246d0c96a4c11aac493263989d96

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-traqli-node
1
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
cf-request-id
062b3b8a2500001772611de000000001
server
cloudflare
etag
W/"59-SXg/jb0NLElOQhl+Y89BeDRNJxs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZatG4bAMr%2B2UwZZBFOFkPG8lSu%2Fia6vEE4avXiW0%2FwQ0SjQ95B6eoKwmSsbXZO4HKm45Zqjv1uOtZ9jpqxgieRJJoeHRuQcswFw8IPFnsEbQ6FXAPbyrpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
cf-ray
5ebefb89dde21772-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame BBEF 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
VUPf6_SBlIQiZ_845naO5RWso8Rk-uJGnFB-zFc0zGlWEZN5xfUIyw==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame BBEF 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=224042&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
layers.33f5b85045a5f2308467.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
W/"5ed917ff-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Mon, 02 Nov 2020 15:45:25 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77540
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 4048 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
WEPGNnGzxdb4ZQpYc0s7pp11TnNtOH3bTfeDty4P0h31PpszkA8cAg==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame 4048 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=827134&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame EC89 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
wpeUsnaaMx_l6Gy08Ys49GU1mCMU1XAgLy4GQy36wMK1TlW9naimdg==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame EC89 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=713328&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 6821 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
SfkEYqtAa0qLrW3w4NdXEouaL5F13Ic9yltosZmgaXCB35zwDpVaFA==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame 6821 		42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=448056&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 21BD 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=Muli:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:20:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
275085
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:20:40 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 21BD 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=Muli:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:20:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
275085
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:20:40 GMT
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 7F48 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
mXOMdPf5gUb7sVZuGX_ttDoafmzSoIO2ts7co-jsEZkGUEfZnFHMIg==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame 7F48 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=577186&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
4140ee5b-16a6-45d9-bc00-b11220f76651.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 4790 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/4140ee5b-16a6-45d9-bc00-b11220f76651.js
Requested by
Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:54:55 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10230
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
7uto6nxxQNPpi_raC8KLpjidm5We6HN1elzp7RpyXfDXIlwrEChBpQ==
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame 4790 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=100595&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
i.js
tag.bounceexchange.com/3976/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/3976/i.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
9c39580d7838125ff6a5dff88fb75704a16ff94721a1319b3ebeb4df234db2fa

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:25 GMT
content-encoding
gzip
server
fasthttp
age
1
etag
993554f123d710
content-type
text/plain; charset=utf-8
status
200
cache-control
public, max-age=60
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
1163
via
1.1 google
truncated
/ Frame 61AC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e563d5edb9810b444993149d7ec17ef568e97fc32168130bbb5c9b1acdce1b6d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://ads3.mthsense.com/RenderAd.aspx%3Fid%3D4648%26amp%253Bwidth%3D728%26amp%253Bheight%3D90&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://ads3.mthsense.com/RenderAd.aspx%3Fid%3D4650%26amp%253Bwidth%3D300%26amp%253Bheight%3D600&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
/
includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/ Frame 61AC 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/4140ee5b-16a6-45d9-bc00-b11220f76651/?rand=917493&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:26 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 7F48 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=75dc3251-a8bd-42e5-8697-87b6ae07a3d7&url=https://ads3.mthsense.com/RenderAd.aspx%3Fid%3D4646%26amp%253Bwidth%3D300%26amp%253Bheight%3D250&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 4790 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=3f427660-853d-419e-8dae-e21446032c09&url=https://ads3.mthsense.com/RenderAd.aspx%3Fid%3D4647%26amp%253Bwidth%3D728%26amp%253Bheight%3D90&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
ijs_all_modules_4ae6dfbbc6e4cc27dac85ee306b222c9.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		457 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_4ae6dfbbc6e4cc27dac85ee306b222c9.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
74271251c13d33cab987bfba5dab5e8fcfd7d3f7bd8cf19c1d46cd0682ea0b24

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:03:46 GMT
content-encoding
gzip
age
261700
x-guploader-uploadid
ABg5-UxyRRZscz0MG8syFCIAeHFVeNWir3qeCRqoaHdUOehLe-5hFZpOj7_dq20qbH7gR0hHk-qatJBiWRtiNOiHvYfPYBmeqg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
109803
last-modified
Fri, 30 Oct 2020 15:03:35 GMT
server
UploadServer
etag
"0197517870800f959bab82a2ae780536"
vary
Accept-Encoding
x-goog-hash
crc32c=QfoL0A==, md5=AZdReHCAD5Wbq4KirngFNg==
x-goog-generation
1604070215278785
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
109803
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 30 Oct 2021 15:03:46 GMT
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame A100 		302 KB
303 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:44:07 GMT
age
79
x-guploader-uploadid
ABg5-Uxr362rG_BLDnMl9Su5Sqi8NmPYqOASSK-VVbqJ1HK4ikPrZvxIhUqWKG0UrYsaMXzhY33aer0jOctPEtp6xF0SiF-Z2A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 02 Nov 2020 16:44:07 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame A100 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b4e433c6f2335a41dc9a0080c67da3ccdfa21748ea5895882523a77c86e2680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 323 of 1000 / last-modified: 1604318888"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BBEF 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm6FW7kfVSPKwYDoH1xJohbhNY1b3Zw_xhPaiplAovvhnyDdtTVtcmfCjHb8rUsXSuALKBj0Ue892R8kEhE0ktT7Cl_W4K44mEX1QW0RPm9jh6jbWOrX77y41vXRX6aVHU5lKqQKYPgILWuQw3bbU06Hbw3dxEbYmcXkCUAIAb63l8B5oTyfPOtRFdwGkV89h0vN1D_W0ni7KHKLDKQVfLBdikPrU0wiVKRjr55hnDQaOlkhFJIJFGN-4i6h9PUNBdk6DXi3NVHDF7e6wmSbQ_aH4mBBd-HU6bIxi4e1Y&sai=AMfl-YSkRVbxDyl4sPt2uKGoYc8dZXH6Updoj_k0A9Cqta6XGBtSHXqYrGtWvLtesqYwmVMv-U8bjzTb3BjJeE8ifLqXYRKK4RMP4iL5PN0yGzxTmOTs5NhWK6TIxpPqFDAc&sig=Cg0ArKJSzH8U-7QaQfiREAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:26 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame BBEF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1e810d606652104526c962ccbbad4b0c84e05ab6cc2a356a885f3bfb323c47

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame 37D2 		302 KB
303 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:44:07 GMT
age
79
x-guploader-uploadid
ABg5-Uxr362rG_BLDnMl9Su5Sqi8NmPYqOASSK-VVbqJ1HK4ikPrZvxIhUqWKG0UrYsaMXzhY33aer0jOctPEtp6xF0SiF-Z2A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 02 Nov 2020 16:44:07 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 37D2 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
685519629f8eb69891dfae63b0d52eeb58f5154f65de4f2cbaf1a66ca6163944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 523 of 1000 / last-modified: 1604318945"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6821 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-pxMT4SHbfV-R8wiwFbcanfSdEbHsnEol8PgjysfDOSupSbSklPd0coxIR42MHpo52-7l6rKuA2W3YyorFDOxQDZnZ_dvLsw7OwKEGHmO0I2TExl2fl1QCHZCQyrl_7MuhBbQppR6xK8i_XBzcKTk55RhcRSEd8lvzesf_b7y4iUnYeYtfqWW3ANJsejRyiUnwdH1bAcxPHZqk3zAtMGy2f67qkcxI47wngZ6Yw8vDN7h_DMKm0CeYj1fM2AgPOLlT7dEPqaoXlEPjXiLc2BPPqTXpiCaQObrMoS_A-Q&sai=AMfl-YQ67WYvnENJK8RwxkFEx7ZxkTyaKNwB2zFTz47Nlmz6CgC-82oQIHzfjyqf-KGi-V8CNMX6TU_TdiHEt_ng6_6jsgDLQ6lGRhX2Vas0FTGn_Yex91YfCBWcNGc92Gbf&sig=Cg0ArKJSzFfTEj7oJp1jEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:26 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 6821 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05ef3b2f54125cbf30c732537cff4b3f7d839f082d7cff06672e01625b840b95

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ Frame A100 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame 7716 		302 KB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:44:07 GMT
age
79
x-guploader-uploadid
ABg5-Uxr362rG_BLDnMl9Su5Sqi8NmPYqOASSK-VVbqJ1HK4ikPrZvxIhUqWKG0UrYsaMXzhY33aer0jOctPEtp6xF0SiF-Z2A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 02 Nov 2020 16:44:07 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 7716 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b4e433c6f2335a41dc9a0080c67da3ccdfa21748ea5895882523a77c86e2680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 172 of 1000 / last-modified: 1604318888"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7F48 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPb4CbP-vmoqLRA1VFa2g8a6Djyww1aERnEW8-y-xlmecF8EopXDeORDUCUcaqf8XAF4kX33ToHUeWj2JqL0-Plkju1S9sQVAETOWbXNuKha8-eNIEIgdouS_XqfE3MeGhME648GrmLz0807ARV_RF1foM6WdAfSaeNi36U-zyzzQ_FprjxqbWIsQ6vgJt7QYApCnOET8Iaa8mvIWWsjowJALbVk9ptLnvL14dfuqE8KszKQgnleMYWy6sx1I4c3p-uNUvynBH5DDg2HBdaTaVOd89Xv98MVMz8QOV63Y&sai=AMfl-YSBA9FN4G3DC1emoW47UPv25oEWQ3P4JOJXYWMUPXJVKQXy3WraK98BMoic3OZZ08jrBDHoaBL31F_ch0rnmcB5PW5IjGvsIQ9Qgc_s0qa29xV1y1W9rvVvfh7_E3IK&sig=Cg0ArKJSzJJofFMC7b32EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:26 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 7F48 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a1b74ef81ca4f9024f521db36f5b53642031fa76b3c42589470905c5dbb1dd6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
widgets.js
platform.twitter.com/ Frame 5058 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/419E) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
885
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28698
x-tw-cdn
VZ
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/419E)
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/ Frame 5058 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f28b97ebae9bbdf17d5ac7fa94f437e5&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9d749d9a2487da8156f8033dcbd23cb363f21f234048713004f5d73df0bc7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://embed-740867.secondstreetapp.com
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8I1sl6CEB4TQFctyt87jxA==
status
200
cross-origin-resource-policy
cross-origin
content-length
60127
etag
"1293d8f246dc9e1fdce5f3bee166cdc4"
x-fb-debug
CHMgTVRg/c2LuaJA9pFwmNWq1EXCAcWkCDIncnRQAfZ+6mVLkZwkhMM0vAzPwOSw9DFzexWWosJOSzL/6EO0Tw==
x-fb-trip-id
664085054
x-fb-content-md5
887d23f261788f36f76dffdc849c690b
x-frame-options
DENY
date
Mon, 02 Nov 2020 15:45:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 02 Nov 2021 15:12:00 GMT
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 9D79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
assets.bounceexchange.com
:scheme
https
:path
/assets/bounce/local_storage_frame16.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
x-guploader-uploadid
ABg5-Uw036c7SebTkoXK3xLZhSF--y77LUMv6lWgyk3WT3mZlq9T9RZ-7FUqdlTdvmoQFc8UHmPgI7KsSDAfyPqOuuk
date
Sat, 31 Oct 2020 14:32:15 GMT
expires
Sun, 31 Oct 2021 14:32:15 GMT
last-modified
Fri, 30 Oct 2020 14:44:56 GMT
etag
"45ef4b9dfc413bc47ea2fad27d705992"
x-goog-generation
1604069096210068
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-type
text/html
content-encoding
gzip
x-goog-hash
crc32c=JFEENw== md5=Re9LnfxBO8R+ovrSfXBZkg==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
age
177191
cache-control
public,max-age=31536000
alt-svc
clear
pubads_impl_2020102801.js
securepubads.g.doubleclick.net/gpt/ Frame 37D2 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102801.js?21068394
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
545da1862a1b3834b6fc4c660d370dea40069e0589a9657d947b2f47b92961d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Oct 2020 08:42:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
prebid4.7.0.js
storage.googleapis.com/rs-static/ Frame 1CFC 		302 KB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:44:07 GMT
age
79
x-guploader-uploadid
ABg5-Uxr362rG_BLDnMl9Su5Sqi8NmPYqOASSK-VVbqJ1HK4ikPrZvxIhUqWKG0UrYsaMXzhY33aer0jOctPEtp6xF0SiF-Z2A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309272
last-modified
Tue, 15 Sep 2020 19:30:03 GMT
server
UploadServer
etag
"6093877422c034fe300df8ed44d1e948"
x-goog-hash
crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation
1600198203919898
cache-control
public, max-age=3600
x-goog-stored-content-length
309272
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 02 Nov 2020 16:44:07 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 1CFC 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b4e433c6f2335a41dc9a0080c67da3ccdfa21748ea5895882523a77c86e2680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 258 of 1000 / last-modified: 1604318888"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4790 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBKuNuypm2k_JE6VhgFPur7yv1u_4dB-VYK6s96neEWZOovv3CZSQt-cMIF3z17ZNn5TzPJqAZGYOV21ehE7e3SGhZISVthsEXXu1P_2M_P0Axii_pO7TXVRT2dNGC4qYIjKUs1m5_T-yDMuOHPKzumRbdnXgGN4IblHNieuTfku_d4niADcydnLThWTtztRo5rBzoX6WEWTjfzKUJYnN97bz29ruWk0NS65fWl9oz7XbL8dgzJBYOl7SrV6hiT9ihe0Z1iRt9i8RMNNEgCIoVxyVNKZyKrRuCwXVQvQ&sai=AMfl-YTqRlEVUIjByhcOOWLOaJmcJFCMXhucf21afIhFsZqY2HcGnOXwxYWokW8rCHrVfOQAOJziL6lC2wK_LEUghz6nEKpF2XYg78eacch2Mk_X4s7hMNXLkvBs3QpgsFC4&sig=Cg0ArKJSzHz6c0bgHR4nEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:26 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 4790 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54f4f897af74e5eb983935aa5f8a1f823c96fd3e75b3ca7ece12638175acd2bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A100 		281 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710560&size_id=2&rf=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&tk_flint=pbjs_lite_v4.7.0&x_source.tid=368b9b0c-ce80-4507-a129-18dcdebb8870&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.25185257379939774
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a5902cd86e40d6fe3e4a7576bc8d9b7b19d429883f69bea92bcf87f6f0c62524

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
281
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
os4m-d.openx.net/w/1.0/ Frame A100 		173 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=368b9b0c-ce80-4507-a129-18dcdebb8870&nocache=1604331926511&aus=728x90&divIds=HTV_WLFI_728x90_BTF_86&auid=540529560&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
df6a02c4ff63618a4985a8261851ea88aece3e72b621cc9e1cf935522a2ee1bd

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
x.yieldlift.com/ Frame A100 		2 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3fc6cc7436cb47f0a061254d2832b471dc981fc68708c47dd25964c0de85209e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
574
Expires
0
mvo
tag.1rx.io/rmp/74190/0/ Frame A100 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
bid
ap.lijit.com/rtb/ Frame A100 		24 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3fa416ce898f504e3a8af973fa780a35c8ddac2a394e6175276e0a18f8d966a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame A100 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid
ec7d41e5-d4a2-464d-b992-faff5fe19e04
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame A100 		66 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFNDkc19ir6ikyaKkGJozW
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
a27bebf5ec1ec2d378b182314b9ac7e87f95c502333bb1ef52c22917afa0b70d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame A100 		25 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%22150bb3a36280583%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216c83a4bb41e1ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03a73be0339cd9e157576194cdcaf5d39feb3ca843d3a1fb88743fb3dfe14b53

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
45
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 02 Nov 2020 15:45:26 GMT
cygnus
htlb.casalemedia.com/ Frame 37D2 		24 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303656&v=7.2&r=%7B%22id%22%3A%22134c8b065ad244%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222c7e77b6aeeb8e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303656%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
61d601b51a06176849c898349b57a289639b4645fad0207bdc74961d4f063a4d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
44
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 02 Nov 2020 15:45:26 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 37D2 		282 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710536&size_id=10&rf=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&tk_flint=pbjs_lite_v4.7.0&x_source.tid=0bc3a133-afb0-46e3-aa94-5b2b3f9c42a9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.39136696422732187
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a550b51a85cfd828d95707e27d160d09fae70967ac2b3d07b101bab00e26885a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
282
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 37D2 		24 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b29df2ff86159f2a6808b867dcf5657b9a32a1fe016f237355c310bd0e93aa13

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 37D2 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid
e844bc0f-6f96-4b93-919f-139deb07cb41
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 37D2 		66 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=brwk0O19ir6ikUaKlId8sQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
7da2b7a601d58209bdbd796b965db12c42dd15730caf0c5ddfd208aec49bf2eb

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ Frame 37D2 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=H7j8B7CTGPp1u47GG2shRkg2&bidId=121dc4ff39455c4&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.7.0&strVersion=3.2.1&secure=true
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:27 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
vary
Origin
arj
os4m-d.openx.net/w/1.0/ Frame 37D2 		173 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0bc3a133-afb0-46e3-aa94-5b2b3f9c42a9&nocache=1604331926570&aus=300x600&divIds=HTV_WLFI_300x600_BTF_86&auid=540529559&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
3c8a1bdfef12a5a2ccdab3b63912bd50a56b881ccd77f43c071e46a08ee6a66a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/74190/0/ Frame 37D2 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ Frame 7716 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
auction
x.yieldlift.com/ Frame 7716 		2 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b859ad99fb2fa823b03d4af4dd783ded5b8b4f454a22ada32223d0cd83cb25da

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
574
Expires
0
mvo
tag.1rx.io/rmp/74190/0/ Frame 7716 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
v1
btlr.sharethrough.com/WYu2BXv1/ Frame 7716 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ew7kii4wVov8hjHwB8Wgknzd&bidId=6e1aa7ec776212&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.7.0&strVersion=3.2.1&secure=true
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:27 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 7716 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
5afe6408-5689-4abf-84f9-a171f52e04e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7716 		282 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710524&size_id=15&rf=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&tk_flint=pbjs_lite_v4.7.0&x_source.tid=47c7e098-34f4-4d2e-99bf-df353aaf3fb9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7556627274865702
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
06857daa37923590ac5f66a3af9f75fd1ce23de89520602eeb17c34e7b0295c1

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
282
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 7716 		24 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
301a39c9e737ac0ffa1fbf1d5e923ba64371a6c6e29389567c755872cd5b2e24

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cygnus
htlb.casalemedia.com/ Frame 7716 		25 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303655&v=7.2&r=%7B%22id%22%3A%2213ded194a167f18%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22146b9fc1139ccbb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303655%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfb7d379d3f36f9f061f310cef02719dc9c40fa46f68be74694a97a7d35a97fd

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
45
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 02 Nov 2020 15:45:26 GMT
arj
os4m-d.openx.net/w/1.0/ Frame 7716 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=47c7e098-34f4-4d2e-99bf-df353aaf3fb9&nocache=1604331926598&aus=300x250&divIds=HTV_WLFI_300x250_BTF_86&auid=540529557&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
bd4fa357aa68d6c385588d64b1e8ffcaa080583039a76261925307cf1f298328

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 7716 		66 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=baJuNG19ir6ikUaKlId8sQ
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
b1378fd9d0212e5c92ae1d39473f0326828a9ecd341a1f56b9b371470a09f839

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 61AC 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQVhZccHeOJccsnm65AA9Aq_uhy-XO_4FEXlrprvK_Qd6b3tbDmS5Q4VfG7PaJxKOhZDxYVTLfLalX5vqx7vZJTjHdNbSlmC4F-z_uGUTCeLSxgPzcKlFBasKHLRWWeHITUu5ClXnGfKFwwQLthBCFB6J-mDxyhCRj1f97iLmeNs5wZc1ttSmceBk0K-ZicAguGxVb0eqlE1vilVs-rIXrteT--nOMFKp-TMGVUrKMiHN8GBoV1qkY-WmIH-AnecoVvLCudPyujUOvpmloy9-DH-URmg&sai=AMfl-YRmf3lTpVM3E4bkdCVyw5rej21QN8sVlEKmVC5o_sI1zSQFzmvhkENSkEllfwSGV8qJNyGkK-EwvYPf3bhQ1U4L7wbVEKJ1sLjW9wemPE9Gc-UWwiZx02dPi6vM8DQf&sig=Cg0ArKJSzKreCmkEhB91EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:26 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ Frame 1CFC 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:26 GMT
init1.js
api.bounceexchange.com/bounce/ 		36 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAGAFgGZz8BOAJkMIFYAOTYALxCgFoTMB3AKYAjHKmCCA+qgAmUctQDshTACdBOEABs4aDARLEAHvlrFiawTEGr1qqNgCGWragQBzSXFVaoAC2BgAAccAFJyAEFQ2gAxaJj+LRhUADocQSQMGRxgdUFgRyCglMyAW3iAdT9HYG4I9W4ATRA4bgAVaoQAa3gtbhiQVW4ABT8QUG4AYQwJHPjMADdUMWBJTJAu1EEoUMUAIWjaLSDD8KjaWgDgsNpGSOjGWIfYxOS0jKycvIKikpBy26xKo1OoNZqtDqObq9fqDEZjCbTBCzYDPOIXaKTQ6qU73DEYxQAEWwIA2Wx2+12xPWmykoBAki0jlU7m2MGc6UwwiCUAs+R5AG0ALqYILAPAk0pBVxQpBSGBM9xQIA
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.229.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
content-type
text/html; charset=UTF-8
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ Frame 1CFC 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid
7f0fec59-049a-45ae-8528-963efbbb5afc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/74190/0/ Frame 1CFC 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
hb
ssc.33across.com/api/v1/ Frame 1CFC 		65 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFNDkc19ir6ikyaKkGJozW
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
6a4d32b09fa86684219ae77473efef2a64b5dabf2c59177a7f89b9549d209ea8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 1CFC 		23 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7e6c6036b8a78acc2f9cf3b9bc5cd1fca271aee36069b71287683f26d3e382c

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
arj
os4m-d.openx.net/w/1.0/ Frame 1CFC 		174 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=11da2464-4f36-4cb1-889c-29a86bdfe79c&nocache=1604331926669&aus=728x90&divIds=HTV_WLFI_728x90_ATF_86&auid=540529560&aumfs=300
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
58363b3654deda1cbd5841388ec893e59ee19b0a08cb28da418774a67c201862

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1CFC 		281 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710560&size_id=2&rf=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&tk_flint=pbjs_lite_v4.7.0&x_source.tid=11da2464-4f36-4cb1-889c-29a86bdfe79c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.15203167560953523
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6ff7ea54afed1fb9a0a12b6d986f3590f017acfa079e33e9b7c7248f3abfdcb6

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
281
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
x.yieldlift.com/ Frame 1CFC 		2 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/auction
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7e3ef3cef1bd0c2b8ad2c80cbf294d0982ab73f4fdabae341d163243d930c686

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json;charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
574
Expires
0
cygnus
htlb.casalemedia.com/ Frame 1CFC 		25 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%2215f4b802c4e7a16%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221614f08d87d4ba3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3eafe4534724ee6aee2d1b6d101bf3b52ea57fedddfba3145206f439b83b17fc

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
45
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 02 Nov 2020 15:45:26 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1020612
x-via
cfworker/kv
status
200
content-length
573
cf-request-id
062b3b8cd50000c2ae94266000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uq5wH9S%2Fkw9qAod6vXSgHTsausXU%2Fjttr%2F7vMhcOGC8itj9x9VOboSNMSQWQU9XBJzYp3LTkbniTpLhyQpcvs9jMb%2BEl4ms2cItCLpFtkSqXFUkNu%2FReOZZVPDgqnAieBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ebefb8e190cc2ae-FRA
expires
Sat, 23 Oct 2021 15:45:26 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1778
date
Mon, 02 Nov 2020 15:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 02 Nov 2020 17:15:48 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:26 GMT
content-encoding
gzip
etag
"1d6a717f8899c62"
last-modified
Tue, 20 Oct 2020 19:34:05 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
61870
css
fonts.googleapis.com/ 		5 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22d6f4376ec07b325c6312510a83f85d2804b276161c3d8f12d2bea4cb9776db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 13:52:31 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:26 GMT
013963d2-14d7-4471-a92f-4ae11c10f99f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/013963d2-14d7-4471-a92f-4ae11c10f99f.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd2f2a5765557d8ab362b501559ed5f09bb95401dee98a98bdf51e616c55ffe9

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:27 GMT
Last-Modified
Tue, 29 Sep 2020 22:06:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
W2cClxCbZjhBSbjHUDF4vg==
ETag
0x8D864C3E6378334
Content-Type
image/jpeg
x-ms-request-id
10b1406a-301e-008d-272f-b1f642000000
x-ms-version
2009-09-19
Content-Length
7690
c96db1a2-c336-42a5-916d-4dd596e05c81.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c96db1a2-c336-42a5-916d-4dd596e05c81.medium.png
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d73e2e390cc69f18f9a60411a434a3fdeae15b37a7ebdb371c60e494bd63a6ae

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:27 GMT
Last-Modified
Sun, 11 May 2014 21:59:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nW4vNBf0cGfBSy6HlXCuhw==
ETag
0x8D13B7B7A98DC31
Content-Type
image/png
x-ms-request-id
10b1408e-301e-008d-4a2f-b1f642000000
x-ms-version
2009-09-19
Content-Length
148699
5b50dd8a-0de6-4242-93d3-cb18d64d9c66.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5b50dd8a-0de6-4242-93d3-cb18d64d9c66.medium.PNG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5365e5b6f9e5cbbd8ff54d76a9d04353ebd0099c11fe244436696aa6f6540f4d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:27 GMT
Last-Modified
Wed, 08 Jul 2020 07:47:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
oS0XafHnntOIUdeoEp64ww==
ETag
0x8D8231338A94026
Content-Type
image/png
x-ms-request-id
10b14100-301e-008d-1e2f-b1f642000000
x-ms-version
2009-09-19
Content-Length
20718
ef27b046-86f2-4ec2-bd9e-be0257a7660c.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ef27b046-86f2-4ec2-bd9e-be0257a7660c.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5d35675857d639b5f1f042f5d75f8a7a24105eef8717ceea6d8c90aa5764756e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:27 GMT
Last-Modified
Thu, 22 Oct 2020 18:48:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
eqVRUx4GWRgsbYrOMYOAXQ==
ETag
0x8D876BB0197D190
Content-Type
image/jpeg
x-ms-request-id
a8f36fba-d01e-010b-092f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
11331
fb480bb5-d3c5-476e-aafa-0047e529d620.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/fb480bb5-d3c5-476e-aafa-0047e529d620.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
351f9ac07bfb806a51e36737397471c48c9602b763a301fdf1edc88aa6b64894

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Sat, 24 Oct 2020 11:18:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zhnalpEnc2r9LdCb87Ac2Q==
ETag
0x8D8780E93353F88
Content-Type
image/jpeg
x-ms-request-id
10b14121-301e-008d-352f-b1f642000000
x-ms-version
2009-09-19
Content-Length
6527
94a6acaa-bdf4-40da-a6d8-4919e111ccc9.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/94a6acaa-bdf4-40da-a6d8-4919e111ccc9.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
acee9224afd6f7443003a708f3f188bab3b7cf4aeba059ff48896a5a59c9da40

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:27 GMT
Last-Modified
Sun, 27 Sep 2020 20:53:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
uSHd+A7BMaGZ/OwVFUvrcw==
ETag
0x8D863275868679C
Content-Type
image/jpeg
x-ms-request-id
a8f36fe4-d01e-010b-2a2f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
11360
9f13c52c-4c4f-451f-988d-bfecd7662d69.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/9f13c52c-4c4f-451f-988d-bfecd7662d69.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
19f0bba6b914e9f5e52076a2944122f1c7a6d0ec8cf02e1e2bf06eba6ff617ea

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Thu, 28 May 2020 06:29:46 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2DASVyJ71S1SAS0JGd5u+w==
ETag
0x8D802D0843FFAB4
Content-Type
image/jpeg
x-ms-request-id
10b14145-301e-008d-4c2f-b1f642000000
x-ms-version
2009-09-19
Content-Length
6069
3c30a607-44d0-4379-980b-39a614f149f8.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3c30a607-44d0-4379-980b-39a614f149f8.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cfd2a6818c200975c3079394f878135ccb112dd66909ecc796a51d71055b7727

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Sun, 30 Aug 2020 19:28:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kroy/BXoWT41KyXOkDP7UA==
ETag
0x8D84D1ACF09303F
Content-Type
image/jpeg
x-ms-request-id
a8f37007-d01e-010b-452f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
7204
ecfe2255-2e0c-455e-8828-6e22df602bd2.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ecfe2255-2e0c-455e-8828-6e22df602bd2.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63855c047c82fa05449bb089995d81f78fb66b8b4198c9fc47aa3785e3a06561

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Sun, 30 Aug 2020 19:21:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5GI+LoHNOXYC+zMPeqRn6w==
ETag
0x8D84D19F46AA796
Content-Type
image/jpeg
x-ms-request-id
10b14167-301e-008d-652f-b1f642000000
x-ms-version
2009-09-19
Content-Length
7456
ef24216d-7c18-4b8a-b338-b62afc48f8e9.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ef24216d-7c18-4b8a-b338-b62afc48f8e9.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c27b820505e7e98aa0e33ddc44d88c79a3e1638d5af5c835fbf4f7aa95616464

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Fri, 09 Oct 2020 14:27:56 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
3/LR/+RfEBAYW2iWknXJAA==
ETag
0x8D86C5F83ECAFE2
Content-Type
image/jpeg
x-ms-request-id
a8f3703d-d01e-010b-702f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
9562
ab917417-7c5a-4fca-9a7a-e1ae12fbc6ed.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ab917417-7c5a-4fca-9a7a-e1ae12fbc6ed.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d79b55615ea3b95e773a798decd609863d96055d0409f233841e8a52ceffda97

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Wed, 28 Oct 2020 13:04:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Ylput0QHiM8BQiFNr0RsPg==
ETag
0x8D87B420106BE47
Content-Type
image/jpeg
x-ms-request-id
10b1418b-301e-008d-022f-b1f642000000
x-ms-version
2009-09-19
Content-Length
10668
69bbfe0c-db8c-4806-a97c-77bfbad2d26f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/69bbfe0c-db8c-4806-a97c-77bfbad2d26f.medium.png
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c041fc2ea8f808d0309f0024d6848892189b6b366dc625bb6a69bb27b200f07d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Sun, 11 May 2014 21:27:34 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QiMAQXH6J09YTfurWJeHpg==
ETag
0x8D13B76F551DE6E
Content-Type
image/png
x-ms-request-id
a8f37073-d01e-010b-222f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
116237
4579513f-7c6a-4f90-b4db-df7a4a468922.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4579513f-7c6a-4f90-b4db-df7a4a468922.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
499bb69e3e39e27ef98bc31e282596ef7ecfcd49dfc66884948669f456bc5a86

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Sun, 18 Oct 2020 18:22:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
k5mNgL26gI+QPOWjzjWBjw==
ETag
0x8D87392C15FD10B
Content-Type
image/jpeg
x-ms-request-id
10b141a9-301e-008d-1b2f-b1f642000000
x-ms-version
2009-09-19
Content-Length
5700
aed9c399-ff68-403f-ba18-648006764f1d.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/aed9c399-ff68-403f-ba18-648006764f1d.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fc062692a80742155211f262dbde41be07f12b2e6d8fac159ce111f0831de851

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Mon, 19 Oct 2020 20:25:44 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
stAGnonVYDZzOmT/BGjy9Q==
ETag
0x8D8746D28185738
Content-Type
image/jpeg
x-ms-request-id
10b141d2-301e-008d-3f2f-b1f642000000
x-ms-version
2009-09-19
Content-Length
4287
0c1dd9b2-5daf-47cc-b36f-9350afb1e786.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0c1dd9b2-5daf-47cc-b36f-9350afb1e786.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4382340b3f3475b73c0adb3c5a90e6205f32d8463dec5aa015416700c7ac041f

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:28 GMT
Last-Modified
Sun, 18 Oct 2020 18:22:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
8v9CCTD4NFl0fbAs57IjZA==
ETag
0x8D87392C1A156F5
Content-Type
image/jpeg
x-ms-request-id
a8f370e1-d01e-010b-032f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
6125
e09fd303-526c-4d27-8699-0e824b9e7303.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e09fd303-526c-4d27-8699-0e824b9e7303.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
930b16b505931ff0b34396f5726dfb2206a05bc04bea15a8ba9f9b03041d9afd

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Thu, 15 Oct 2020 18:58:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
c+DrdpM+yBCqIuKrW3ubSA==
ETag
0x8D8713C50448955
Content-Type
image/jpeg
x-ms-request-id
10b141f5-301e-008d-5a2f-b1f642000000
x-ms-version
2009-09-19
Content-Length
16802
428f1652-fb16-4804-88c0-cbd7f045b9da.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/428f1652-fb16-4804-88c0-cbd7f045b9da.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f320afa3d2b837c64cd2cf1ece24ada2ee5c1e8c73c8cb4708f45e4e13c198e1

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Wed, 21 Oct 2020 02:19:42 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
F2PZvcSjGyRXcxT8JhszKQ==
ETag
0x8D87567C56212F5
Content-Type
image/jpeg
x-ms-request-id
a8f37109-d01e-010b-252f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
9009
2795da42-39f0-4572-80c1-3ee02b37982b.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2795da42-39f0-4572-80c1-3ee02b37982b.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dd8f14c311971e094ab5c9ddca23f6b2ee465acb40ed4c16490766785951dad3

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Tue, 21 Jul 2020 17:41:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VJyLMFvUvm++5roZ+G/Opw==
ETag
0x8D82D9D568AC530
Content-Type
image/jpeg
x-ms-request-id
10b1421c-301e-008d-772f-b1f642000000
x-ms-version
2009-09-19
Content-Length
16956
62d9996a-c930-4c68-a970-eca57c269377.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/62d9996a-c930-4c68-a970-eca57c269377.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4dde61a3bd5b05cdc5000a9b0375fbecb1852217575a7ae395b52a94f96a204

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Thu, 15 Oct 2020 05:07:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fcIFGFOd6gyYQH7sR2YWUw==
ETag
0x8D870C83D66BD6D
Content-Type
image/jpeg
x-ms-request-id
a8f3713e-d01e-010b-532f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
10411
dac2cf48-b525-43f9-b813-56e35afcabd0.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/dac2cf48-b525-43f9-b813-56e35afcabd0.medium.JPG
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.88.145.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8eaea2001a319f44a37b9c748197633f390b3f8409781b74843ebc6dd74cea1e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Fri, 28 Feb 2020 04:13:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
g1Sy6sib/Sjz4wtuxnz4Rg==
ETag
0x8D7BC049E6EF8BD
Content-Type
image/jpeg
x-ms-request-id
a8f37197-d01e-010b-202f-b1e4c5000000
x-ms-version
2009-09-19
Content-Length
11402
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:20:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
447892
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:20:34 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wlfi.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
275090
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:20:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 78CB 		42 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzRlYtIuqdcDYMR880gz4L9CAKAl7BTJIyQT1xh5zu13nvaoZIOoSzgRZyg_W6xVi65RL8S70K3JhTvT6vHTPhNhFBU6U-HgR0FvyY0LI&sig=Cg0ArKJSzGKZr9XXmsj8EAE&adk=2316703438&tt=-1&bs=1600%2C1200&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&p=100,236,190,964&mcvt=1046&rs=0&ht=0&tfs=239&tls=1285&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=8&niot_cbk=111&md=2&btr=0&cpmav=0&lm=2&rst&dlt&rpt&isd&msd&xdi=0&postrxl=1&ps=1600%2C5992&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-7-7-7-0-0-0&tvt=1279&is=728%2C90&iframe_loc=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&r=v&id=osdim&vs=4&uc=8&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201030
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4048 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgwhWFFbHtzp46xicyBsB2KvLJD9ekyOu2zoCPdWdkOTUqEnLDH8u2FeS92SR7_Z7Q3Fn67ta4I84QSaatbx0nKp8x9REiYfkQUuhVW6g&sig=Cg0ArKJSzI6_71IboU6XEAE&adk=2880255473&tt=-1&bs=1600%2C1200&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&p=96,1250,346,1550&mcvt=1042&rs=0&ht=0&tfs=212&tls=1254&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=3&niot_cbk=207&md=2&btr=0&cpmav=0&lm=2&rst=1604331925445&dlt&rpt&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C5992&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-3-7-7-0-0-0&tvt=1252&is=300%2C250&iframe_loc=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&r=v&id=osdim&vs=4&uc=8&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201030
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 17F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fembed-740867.secondstreetapp.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A9) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1590367
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 02 Nov 2020 15:45:27 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A9)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
integrator.js
adservice.google.de/adsid/ Frame A100 		109 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A100 		109 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwlfi.secondstreetapp.com&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:27 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
ads
securepubads.g.doubleclick.net/gampad/ Frame A100 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=717907950853069&correlator=3638426375067050&output=ldjh&impl=fifs&eid=21068116%2C21066705&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DHTV_WLFI_728x90_BTF_86%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Dfdbbdb8bdc15bd1c-22ec45141fb90064%3AT%3D1604331924%3AS%3DALNI_MbxBoj8kT9yU08fZTLTcHgXrbYcsg&cdm=wlfi.secondstreetapp.com&bc=31&abxe=1&lmt=1604331927&dt=1604331927221&dlt=1604331926138&idt=470&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=236&adys=344&adks=1296344691&ucis=rmrih0cgovar&ifi=1&ifk=2242348662&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&top=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=131401762.1604331925&ga_sid=1604331927&ga_hid=511266776&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
f1d8b29f948365d3fc519710c8db3d69024e17ff90436fbcd85601966cbb3b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2946
x-xss-protection
0
google-lineitem-id
4756980902
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138245963060
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
27e2d1736a524d61c731d4ae6c21010d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A100 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://27e2d1736a524d61c731d4ae6c21010d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
promotion_contents
embed-740867.secondstreetapp.com/api/ Frame 5058 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/promotion_contents?organizationPromotionUniqueId=37e96a26-4410-4382-9f57-2991ead06c52
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f378842dbd709d741e2a2a3280b40886e69b928ad5d32cfb020c1eaf760083f

Request headers

Accept
*/*
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|991a50af-e87e-4406-8322-ee9cc63c9bb6|C69601|CD12
Cache-Control
no-cache
Content-Length
7292
Expires
-1
pw.js
d3oi8laqsvc6ey.cloudfront.net/ Frame C9F4 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e400:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 06:26:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 14:03:51 GMT
server
AmazonS3
age
33548
etag
"d0854b8502ea96f99f33cad6229947a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
0zV5P6FEWMWrPWWHwb42O7AupLQUB9YToQ-JjNSOgA2SGbnLz8-fuQ==
via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
view
securepubads.g.doubleclick.net/pcs/ Frame C9F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNChbpfZimQpikWtbfvMA3SjBqOOPcyVeVGh6d2yw8eUu1EAZ54UbYq_a-PohrIucFSlBn4IftAL9c-q3j-qhkCkYup9SowZ4L0dmnTaJnc8F9Kogrozs4MhCGjRf3fNdmlUO-QMI59PxT0bR-4Jc3tsSjfjG09p-bzyh5q2kGXKmUGAGWKNpAzhquWoAhzAjGv9lMiujFC2r5PwZd0Su4USwAnl2tvphPh7uQLaycCRlEjgFNIdl-psFveM-P0d11mrJfLd7oDr_1PdMwCp6SX8hDE3D3EhGeCU98MtJT7YngPNkznSij0TYdWA&sig=Cg0ArKJSzKqfOQHmUKW_EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
136953cb-88f9-48b3-9417-8f28d8a3cf54.js
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame C9F4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0246dadc540e4f6c0123e63c93e85a46363c18a2476806331d41ac20df8c7799

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 01 Nov 2020 15:56:45 GMT
Content-Encoding
gzip
Age
85723
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 16 Oct 2020 04:56:49 GMT
Server
AmazonS3
ETag
W/"23cba0f3e28a3880cdad784102bc0326"
Vary
Accept-Encoding
x-amz-version-id
rWdOHOjJe9kxJO55GzTWl5VtglPDe9BJ
Via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
DUS51-C1
Content-Type
application/javascript
X-Amz-Cf-Id
j4edm0i5GPsxyvZvKGRUKGPnRwuKuOVAQ4_h_Bt9ZwQUgEAXDqy-VQ==
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C9F4 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxmraidlidarcontrol
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:27 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame A100 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A100 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afb034d61e001e4814af09c800ac32d01ddefff87cb0de5378565945ff1f1614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6673
x-xss-protection
0
truncated
/ Frame C9F4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee4198796a5d63296ee727e750b11e807d7ce8af161655ab067cb55901f07a91

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
graphicheader.css
embed-740867.secondstreetapp.com/staticcontent/css/template_presets/ugc_sweepstakes/ Frame 5058 		3 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/staticcontent/css/template_presets/ugc_sweepstakes/graphicheader.css
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2819a2473aaef92db2079e13cedbc18bad5e531986b9ec0fa91f83ebc19fa6aa

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:26 GMT
Content-Encoding
br
ETag
"0fd70e35eaed61:0"
Last-Modified
Fri, 30 Oct 2020 01:49:22 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
79
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
516
css
fonts.googleapis.com/ Frame 5058 		3 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69a3fb7862cbcafb6526e9f884fdbde568cb055f44a9daef422c9e29536b1731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:45:27 GMT
server
ESF
date
Mon, 02 Nov 2020 15:45:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Nov 2020 15:45:27 GMT
status
www.facebook.com/x/oauth/ Frame 5058 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwlfi.secondstreetapp.com&client_id=240828629437128&input_token&origin=1&redirect_uri=https%3A%2F%2Fembed-740867.secondstreetapp.com%2Fembed%2F37e96a26-4410-4382-9f57-2991ead06c52%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f28b97ebae9bbdf17d5ac7fa94f437e5&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed-740867.secondstreetapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
7TYAE+iUcJd+naEAaYASMGVnXXUvzK5lhNQ8FaOxQMydgTu4SOy0uxuSPA1+zbqSxUx9Gn8cx0oqJC1mR6uJSQ==
fb-s
unknown
status
200
date
Mon, 02 Nov 2020 15:45:27 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://embed-740867.secondstreetapp.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
second-street-logo-small-black-text-312764d99b2c7aeb912a6537f9762190.png
embed-740867.secondstreetapp.com/Images/Logos/ Frame 5058 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-740867.secondstreetapp.com/Images/Logos/second-street-logo-small-black-text-312764d99b2c7aeb912a6537f9762190.png
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/CSS/consumer_entry_showcase-06b291b9de861bf802f8dc129279a906.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ba9f77081db51f317abbfbc2bb7fe3e7ac713fcc134981b59675e2d13d650740

Request headers

Referer
https://embed-740867.secondstreetapp.com/assets/CSS/consumer_entry_showcase-06b291b9de861bf802f8dc129279a906.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:27 GMT
Last-Modified
Fri, 30 Oct 2020 01:49:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"02aa2e45eaed61:0"
X-SS
83
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3404
3707194
media.secondstreetapp.com/ Frame 5058 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3707194
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ee9538b59157f22113ba6c5f90d6fce0df0a2daf28e913de3666130c61e0e3ff

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:27 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
image/jpeg
X-StackifyID
V2|2ed01d70-97a4-4902-847f-c11db4e44701|C69601|CD12
Cache-Control
public, max-age=31536000
Content-Length
99552
Expires
Tue, 02 Nov 2021 14:45:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A100 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:27 GMT
integrator.js
adservice.google.de/adsid/ Frame 1CFC 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1CFC 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
log.gif
includemodal.com/static/ Frame 4790 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=3f427660-853d-419e-8dae-e21446032c09&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwlfi.secondstreetapp.com&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:27 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
ads
securepubads.g.doubleclick.net/gampad/ Frame 1CFC 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=173959359066552&correlator=4103558401380323&output=ldjh&impl=fifs&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DHTV_WLFI_728x90_ATF_86%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&cdm=wlfi.secondstreetapp.com&bc=31&abxe=1&lmt=1604331927&dt=1604331927892&dlt=1604331926411&idt=502&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=1110&adks=415602581&ucis=obfnc4oetzrd&ifi=1&ifk=2242348662&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&top=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=131401762.1604331925&ga_sid=1604331928&ga_hid=1460864186&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
7c8080d7011cf149677cb9cfca3684025490629237e1e465aeb0312b76adcb65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2533
x-xss-protection
0
google-lineitem-id
4488316688
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138216822219
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b4f9529961575f62d8c7bebe0f3c675c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1CFC 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://b4f9529961575f62d8c7bebe0f3c675c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 7716 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7716 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
log.gif
includemodal.com/static/ Frame 7F48 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=75dc3251-a8bd-42e5-8697-87b6ae07a3d7&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwlfi.secondstreetapp.com&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
ads
securepubads.g.doubleclick.net/gampad/ Frame 7716 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3734614585611433&correlator=4026989296209967&output=ldjh&impl=fifs&eid=21067995%2C21068380%2C21065976%2C21067448&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=hb_name%3DHTV_WLFI_300x250_BTF_86%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&cdm=wlfi.secondstreetapp.com&bc=31&abxe=1&lmt=1604331927&dt=1604331927921&dlt=1604331926275&idt=465&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1250&adys=5202&adks=1615984889&ucis=2byl8hdjkbz0&ifi=1&ifk=335320279&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&top=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=131401762.1604331925&ga_sid=1604331928&ga_hid=1139631538&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
856dcac08faa5d75429222b1ba813058cd6b43f1626becd411270ea463be2a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2414
x-xss-protection
0
google-lineitem-id
5265654189
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299973335
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fd1d0cb43d187d59576de866b0863a79.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7716 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fd1d0cb43d187d59576de866b0863a79.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 37D2 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 37D2 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwlfi.secondstreetapp.com&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
ads
securepubads.g.doubleclick.net/gampad/ Frame 37D2 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3596564744389964&correlator=3115414820233969&output=ldjh&impl=fifs&eid=21068394%2C21065975%2C21066705%2C44729242&vrg=2020102801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=hb_name%3DHTV_WLFI_300x600_BTF_86%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&cdm=wlfi.secondstreetapp.com&bc=31&abxe=1&lmt=1604331927&dt=1604331927976&dlt=1604331926203&idt=474&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1250&adys=3032&adks=130856120&ucis=31hcyl149jj8&ifi=1&ifk=335283875&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&top=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=131401762.1604331925&ga_sid=1604331928&ga_hid=1676410562&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102801.js?21068394
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
2da800ea4f2ad0f89b274b66d9eafb8d8303fa5341432e4b08d06e4ab8e09954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2610
x-xss-protection
0
google-lineitem-id
4572868558
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256976882
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c3609b93ee8564ee4156cab298d9767.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 37D2 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2c3609b93ee8564ee4156cab298d9767.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_xYS2ixw.woff2
fonts.gstatic.com/s/ptsanscaption/v13/ Frame 5058 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsanscaption/v13/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_xYS2ixw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e952b8b937351217f10dc03717caeb974450135f3cb704f114177e617149731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://embed-740867.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 17:09:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:26:03 GMT
server
sffe
age
426938
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11808
x-xss-protection
0
expires
Thu, 28 Oct 2021 17:09:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BBEF 		42 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSbIvE292DQfMpLbfJndY7k9bZsF8X7VU7PGgS2tWrVthiwcZ1_kv2J1uL6_tlhoiafWZ03RVhc-_wjyvGbewXsXwNwd0vruiqw9eykYs&sig=Cg0ArKJSzApFEWmrZ3ajEAE&adk=4150103556&tt=-1&bs=1600%2C1200&mtos=0,1466,1466,1466,1466&tos=0,1466,0,0,0&p=344,236,438,964&mcvt=1466&rs=0&ht=0&tfs=189&tls=1655&mc=0.95&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=5&niot_cbk=20&md=2&btr=0&cpmav=0&lm=2&rst=1604331925445&dlt&rpt=746&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C5996&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-5-7-7-0-0-0&tvt=1651&is=728%2C90&iframe_loc=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&r=v&id=osdim&vs=4&uc=8&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 61AC 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxzTOeCJzEFN4GSB63wHv1sCUR26vYpBo2HQTIevXhxbMBBH1lWoFw9CfZUyhmvdmaHHOdluQ4t6ogB-vHkZgeo2SVWqIBvFMSlQ_CdpU&sig=Cg0ArKJSzLTVp6MtKOQ5EAE&adk=1627279807&tt=-1&bs=1600%2C1200&mtos=1145,1145,1145,1145,1145&tos=1145,0,0,0,0&p=105,0,106,1&mcvt=1145&rs=3&ht=0&tfs=792&tls=1937&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=681&niot_cbk=776&md=2&btr=0&cpmav=0&lm=2&rst=1604331925651&dlt&rpt=408&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C5996&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-2-5-5-0-0-0&tvt=1937&is=1%2C1&iframe_loc=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&r=v&id=osdim&vs=4&uc=6&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4790 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtrjzIDn1FpTMbLOBM205MziK9C74WVfiXwMve6dO9oRL3wWSWpqAgDsK5hV1jcQMqoFr_fIqqsRKAmj41XFL9EqCdqPN3PaudmKkk8OM&sig=Cg0ArKJSzDZaMMQmdobEEAE&adk=3293468341&tt=-1&bs=1600%2C1200&mtos=0,1240,1240,1240,1240&tos=0,1240,0,0,0&p=1110,436,1204,1164&mcvt=1240&rs=0&ht=0&tfs=147&tls=1387&mc=0.95&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=73&md=2&btr=0&cpmav=0&lm=2&rst=1604331925651&dlt&rpt=887&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C5996&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-7-6-6-0-0-0&tvt=1381&is=728%2C90&iframe_loc=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&r=v&id=osdim&vs=4&uc=7&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
21bc8503-7806-41da-b650-37b6eedc566f.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame C9F4 		46 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/21bc8503-7806-41da-b650-37b6eedc566f.js
Requested by
Host: d3oi8laqsvc6ey.cloudfront.net
URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef0300dfe1e69c7dc6784339ada0510fa17b0f6699c3917f84db019bc7d9ab31

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 12:44:13 GMT
content-encoding
gzip
vary
Accept-Encoding
age
10875
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
server
nginx/1.10.3 (Ubuntu)
access-control-max-age
14400
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
*
x-amz-cf-id
yrWO43Uz_7ohwSdmpTBPdKfjIMmPVtXM6VkcJCQ1qHlT77YF4Fx4eg==
/
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame C9F4 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=1062522&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:28 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
gtm.js
www.googletagmanager.com/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4PPCLW
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4632fcc3c63e5c9d8a8205be42e0ec3e280c13702c809e9ae41a9ab8d7777af5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35125
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Nov 2020 15:45:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CFC 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=173959359066552&r=728x90&w=728&h=90&a=0
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pw.js
d3oi8laqsvc6ey.cloudfront.net/ Frame 6DB6 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e400:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 06:26:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 14:03:51 GMT
server
AmazonS3
age
33549
etag
"d0854b8502ea96f99f33cad6229947a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
oPu225ou9ZK6VsMfYmVWgYVlnL_pFHDBkyZK1JoCI-ouj4obQe78Bg==
via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
view
securepubads.g.doubleclick.net/pcs/ Frame 6DB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5ZREm6RsRD64mhJ1crU5qyypVUQusjnHEzxUNzNfL59C8ToFTFo_g-kp1zQwMfQDrZMlzRll17aJXGkyP9HC2eR9C3ozmMx-lO-LYx8qsUaDwUXiXuMzONLoRu7w-RFMHDDfNvxfq5pANhx5cxTvyFxzk-cIA5Z_m_iJPOrVKUtT8ET0eRL3e-9IAvzuoovtJD_LIZVjvE8YzKfwgQVppmyoqPmHZ8xg1I5VANMw3w4FegDQIISx8XfXjMTmj4uQ6ECBQjsUL4hmW8xkEnV1NhsgzD6JtLgBnBFczd9c&sig=Cg0ArKJSzJhOaqd9KB5UEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6DB6 		133 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
722a06e3ff39c6f90616e76453d405bb5d7413d673c121f96548a06956685d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
46497
x-xss-protection
0
server
cafe
etag
13177997787275641516
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 Nov 2020 15:45:28 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6DB6 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1CFC 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1CFC 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4289c03eb854c6141eb6bb10f799f70c59b1d2293472dbfeb42dff4aae635bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6424
x-xss-protection
0
pw.js
d3oi8laqsvc6ey.cloudfront.net/ Frame 57C0 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e400:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 06:26:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 14:03:51 GMT
server
AmazonS3
age
33549
etag
"d0854b8502ea96f99f33cad6229947a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
xaHHA4fiHfv9_AzqbP0SbS9lIcIePDIND9Jy3jSe6apYxHdeVjleCw==
via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
view
securepubads.g.doubleclick.net/pcs/ Frame 57C0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsYr4uaiJBZ86MyG4x1m2H61Qk-unPU97KSZU8qM7aoFP98RMH5CD7Eah_IpKuPbYMOLRTPsMtxHHF6v9ALfVIrWb7qzSEtVfLmEtcMhArBJazXkpB81K91CKNRJi9JgDbFTY3yLLOmJxOiT50eSzONp5r-mcFbpW8YRPxYPvhzHR8bjvbPpSJnsmvHK9cd0WXW82dmkgDqkYSRQ7C2SpLFWP8O7zVvIQHxKZMx_osgOrYg-CgCSC9eqR8UxRRnSnh1mvJ7GcAMjGHJhEsmJjjU48bXF6KyZJlND7eYuyjd8__NXrQN98l0Zuzdww&sig=Cg0ArKJSzLUk1wGtfCajEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
platform.js
cdn.vuukle.com/ Frame 57C0 		177 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abbf00fed8d2b0d81ef504d7fbdd0ebd331a59e10d03a4583d11cd3f5c0b6b2d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
age
30296
cf-polished
origSize=181503
status
200
content-encoding
gzip
content-type
application/javascript
cf-request-id
062b3b92670000c2817f81f000000001
last-modified
Mon, 02 Nov 2020 07:19:17 GMT
server
cloudflare
etag
W/"5f9fb2f5-2c4ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
1007223586
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=86400
cf-ray
5ebefb970e1ac281-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 57C0 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 7716 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7716 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2bee6cefe63d3d7878c27ff9ab5d20ef3cd1a696bdf645f0aad7f5bdee4f289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6459
x-xss-protection
0
settings
embed-740867.secondstreetapp.com/api/ Frame 5058 		138 KB
139 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/settings?category=UI_Text
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aca557138d1c924dd1ad7725b6f853f61a2df7f42cae45e6b86bc11d76a66aa7

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:27 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|ac8a8e3b-8efe-4e39-a0f8-425932215d45|C69601|CD15
Cache-Control
no-cache
Content-Length
141498
Expires
-1
matchups
embed-740867.secondstreetapp.com/api/ Frame 5058 		665 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/matchups?excludeSecondaryMatchups=true
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22276979990b7a249e931c6182c10fe9c03b578bba7e8e3e8b056cb04785b065

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:27 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|1a229cd3-7d6f-4d5c-96a7-009b1bae4d14|C69601|CD12
Cache-Control
no-cache
Content-Length
665
Expires
-1
settings
embed-740867.secondstreetapp.com/api/ Frame 5058 		431 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/settings?key=dips_url
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f7d8df99f6cc28ca586c4015b0c708215e22e7fed58ee85f01fd238b36a6a9e

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:27 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
81
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|709a1943-f4e0-4908-a658-5c9372070151|C69601|CD14
Cache-Control
no-cache
Content-Length
431
Expires
-1
sweepstakes
embed-740867.secondstreetapp.com/api/ Frame 5058 		127 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/sweepstakes
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34c396e461b21cd4c3762a6df030d1f1d4e6ab8b9dbcf81eeab695d9b3305077

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:27 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|7ebe254d-783c-4ca5-bae7-b43feef8cc08|C69601|CD15
Cache-Control
no-cache
Content-Length
127
Expires
-1
740867
embed-740867.secondstreetapp.com/api/organization_promotions/ Frame 5058 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/organization_promotions/740867
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bd7a22b0b4adc38d8b8ac8ae51f315756e9e0100da259e473bf1f07c11aa9e26

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:28 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|1016b77e-03e1-4114-b2fe-00026bdf9bb9|C69601|CD15
Cache-Control
no-cache
Content-Length
1718
Expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame B6D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3676
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/ Frame C9F4 		267 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17431afd408cc1d699edf44f76374f5fa3aaf98a26783dd1773300dc1081fb5a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
BbDY9X0fJin5BlfTgTTnaY4Z3OBxxi4E
content-encoding
gzip
last-modified
Fri, 16 Oct 2020 04:56:49 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"a70e95ae42b557ce629f03064b23c572"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
date
Mon, 02 Nov 2020 15:45:28 GMT
x-amz-cf-id
25pHooGPcJKChjYie0QPYBYv35EMmuLY92dVWQyLwnE-2rNtTZLAOA==
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1CFC 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7716 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
truncated
/ Frame 6DB6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a85622a40f4a0c8379546b1e80f1e9832da123219da6a4de6666f78acae1ed9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 57C0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73a6694c7e8881a6d170dacb38c9f04e59993ee57817c659906b8a7f825bccb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
/
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame 6DB6 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=3138213&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:28 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/ Frame 6DB6 		230 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88237
x-xss-protection
0
server
cafe
etag
8916267561321754551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Nov 2020 15:45:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame 8ADB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201029/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMnELZsfipk0Bbv_pQyu2a0ID7NiNenui-7mO3H8b6X6RvF9MOgA3Js3uA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 02 Nov 2020 02:32:56 GMT
expires
Mon, 16 Nov 2020 02:32:56 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
47552
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame 57C0 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=2053645&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:28 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
bq-publish
publish.vuukle.com/ Frame 57C0 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$5ade7f-6032-491a-9aa3-60643e51e57b%22,%22hostname%22:%2203538d2f-71cb-43bd-ae9d-2a54e79fa485%22,%22pubdomain%22:%22wlfi.secondstreetapp.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22da8b1978-7602-4278-af47-8e5759148fc7%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22%22,%22article_id%22:%221%22,%22hashed_article_url%22:%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Mac%20OS%20X%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://wlfi.secondstreetapp.com
x-xss-protection
1
access-control-allow-credentials
true
cf-ray
5ebefb999e4be007-FRA
content-length
0
cf-request-id
062b3b93fe0000e007fb8d7000000001
prebid3.js
cdn.vuukle.com/static/ Frame 57C0 		466 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8d71d16b761a256d762f28226fe732cfd5cf2e4f6b6e9ca4b055afcd73fb5d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
via
1.1 varnish (Varnish/5.2)
cf-cache-status
HIT
age
4607
cf-polished
origSize=565999
status
200
content-encoding
gzip
content-type
application/javascript
cf-request-id
062b3b93ea0000c2814caa9000000001
last-modified
Mon, 02 Nov 2020 10:59:39 GMT
server
cloudflare
etag
W/"5f9fe69b-8a2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
1012108427
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=259200
cf-ray
5ebefb997af1c281-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
log.gif
includemodal.com/static/ Frame 7F48 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=75dc3251-a8bd-42e5-8697-87b6ae07a3d7&url=https://cdn.vuukle.com/static/prebid3.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 57C0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928460&url=https://cdn.vuukle.com/static/prebid3.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
gpt.js
www.googletagservices.com/tag/js/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
685519629f8eb69891dfae63b0d52eeb58f5154f65de4f2cbaf1a66ca6163944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 513 of 1000 / last-modified: 1604318945"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
/
geoip.insticator.com/json/ Frame C9F4 		204 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Mon, 02 Nov 2020 06:10:37 GMT
content-encoding
gzip
cf-request-id
062b3b9455000005d86f0dd000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9997
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
x-ratelimit-reset
570
x-ratelimit-limit
10000
cf-ray
5ebefb9a2b5205d8-FRA
usertracking
b2c.insticator.com/v3/pages/ Frame 7EFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de53d22c51fd8e4c8ee8edd4e2d018d2c1604331928; expires=Wed, 02-Dec-20 15:45:28 GMT; path=/; domain=.insticator.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-request-id
062b3b946c00009760b8934000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ebefb9a4d589760-FRA
content-encoding
gzip
instbid-2.44.5-21-gb90761d.js
df80k0z3fi8zg.cloudfront.net/files/ Frame C9F4 		275 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:4400:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ba502ecab0bd6b9bfdff438ee33ff556ef77484c3a6da888d264d25f082252a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 18:38:15 GMT
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 19:11:14 GMT
server
AmazonS3
age
76034
etag
W/"1a3ed0c46fb2b952e1f12a357f6bbf98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
cWKL1CE2Z137GTm2CJeaWcUT1SRXQoe0
status
200
x-amz-cf-pop
HAM50-C3
content-type
application/javascript
x-amz-cf-id
yR9Ws6F_GXUF4aT4q3RVFofAOVu4q3C1I7-hdB0awR_H2U9yusiCOQ==
via
1.1 c46d7c5a8bf0a3035249184c40b6aea4.cloudfront.net (CloudFront)
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame C9F4 		116 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d43c3406e58ebfbb2992f4993d5948d5ea2c9adf4433a763ca424b52d77cd9e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:28 GMT
Content-Encoding
gzip
Age
2438
X-Cache
HIT
Connection
keep-alive
Content-Length
25037
x-amz-id-2
5RVCli3K1TjU3+Jlt8LHAdkz9TBKQMfJ5gGI+z3bd2vyKMVxQjquT9UcxcxFTkPezEuLWOmKI/4=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Mon, 02 Nov 2020 14:22:57 GMT
Server
AmazonS3
X-Timer
S1604331929.773243,VS0,VE0
ETag
"f50b77b3de0709c247ab00d2999161a1"
x-amz-request-id
ACF8C92090C3E706
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
169
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame C9F4 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928044&url=https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame C9F4 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928044&url=https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
pw.js
d3oi8laqsvc6ey.cloudfront.net/ Frame 0A21 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e400:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 06:26:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 14:03:51 GMT
server
AmazonS3
age
33549
etag
"d0854b8502ea96f99f33cad6229947a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
G2IMY_BIl1tSTS3LmM1orbIQMFau6eAIJ5bX_thPoXzTLSSWGiTO3A==
via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
view
securepubads.g.doubleclick.net/pcs/ Frame 0A21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq_hWhVTQW74gePmhmYJPmLd8cP4KnTezH6Vb9c0dqb-35GQFskF70xPtwBs3GUqvORNxaOWYVv54XRkD3f1dYNz-EG_zS3uT9gkVWlCWwb5LdUpSNeTgaUXilKuVVFQeWPPR6reGqiHd9RM88QhfU5yC8gCd-dl-z0GKEQTYNM_n4eTeaZsV-8-ENxB7I-ujcBEOIQ1SNZz3ya88Sxwg3pfxi9Nd8q9ejd0-5EHjQa4QpJRHPLEoC3udrHC6jq0ljrnYi1JGn9js4OZgpZivlNLpdyofvlGTo68yamakxp1--1SoXGrkxSoZenw&sig=Cg0ArKJSzFN1qK00zX17EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
136953cb-88f9-48b3-9417-8f28d8a3cf54.js
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame 0A21 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0246dadc540e4f6c0123e63c93e85a46363c18a2476806331d41ac20df8c7799

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 01 Nov 2020 15:56:45 GMT
Content-Encoding
gzip
Age
85724
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 16 Oct 2020 04:56:49 GMT
Server
AmazonS3
ETag
W/"23cba0f3e28a3880cdad784102bc0326"
Vary
Accept-Encoding
x-amz-version-id
rWdOHOjJe9kxJO55GzTWl5VtglPDe9BJ
Via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
DUS51-C1
Content-Type
application/javascript
X-Amz-Cf-Id
aosfSlnRIpYLJqxSmkRWQtorsT5ec5YfkzoCk2zrS-ut0aAOGTd_OA==
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 0A21 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 37D2 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 37D2 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102801.js?21068394
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e283cdadbee9a4919060b4ab92adde9f3915ec7b2037de3e112c3c34ef48a2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6560
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame F6E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3676
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame AA80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3676
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
forms
embed-740867.secondstreetapp.com/api/ Frame 5058 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/forms?formTypeId=2
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1f51bff057925a0cde7b57e5eae79e6496e062eaa8794888301e0edbb9e12609

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:28 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|41af1791-c15c-4434-ac1b-c84d4b35cfad|C69601|CD15
Cache-Control
no-cache
Content-Length
4133
Expires
-1
forms
embed-740867.secondstreetapp.com/api/ Frame 5058 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/forms?formTypeId=1
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3fbc03589c67362e2ddf371d9c662e00de237054da21631a63abd00b7059affd

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:28 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|5c79c2f9-6d19-4ef8-a252-dd5336d5273f|C69601|CD15
Cache-Control
no-cache
Content-Length
21437
Expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame A100 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=717907950853069&bg=!cHOlc1PNAAU7ZAKtO1jni-n5tWOISQIAAAB6UgAAABNoAQcKAUkps4K09KcpsexoAKiP2GuxUOiJdIqSlaWkrEoCiWdap3AZkV-_OxVc2d1Cf07VknrTQZmCsB9jstDDxNLQIFAehtnRT9rWoWbJgsk2sxAgAidzoAcxmd3ITFpy0wTPIHNmWG1KJoCjJxILtbJxiwFWYdHggDVYrdyO2k9ok4Ejah44aX57Yg52nxhiZ7m1MuK8SJ6-7J2zWS4-KVuQXsEJEylo0US2y4CJgPWDqb68eb4xhoKKUAR_09E6UFDduTkq2JTEXvhnaDH7qBVPPNmVlMefEgdIVtq3Rj-muYfBVJHYvuQ_3RI3frHAeUFxqsOsWrKu2hqqffy2FUc2b0pcgnl2GFkcC7xj3eXq_EmYcZq1MTvlKKOYtbKBqblnIn6hXQrXWZx-q5ybR8Un6qhhOWMALzJf8hLVNSTstPCfY6xt8XbgbMTxDpkB7MpCgtEoaaP_b-yvojOy_Ca7SdxLl0mN4NTUvYInRktQbqHmHHNfL2qxEW0YwKItIaQb_hjBTnNbvHfb233qi8SQJUEZIG1ZArClpL-nPYRR2pwvFiBoinhDFe5eFG37q9p6hiHmWLcH4m_s4ZxoKuRhefWqcAW40oEIXvAavt3OAg6dwz4DHq3bPStyYz0nn-TAu4mjUxzAUltAzbL-MFAjwJ3IT_JdSilxUiTh1sPZPLgra1aDU9pShcfoZhakQrjuNRYNI6Q1Hn8B_uj1XSUqggFyFwTgO7ALtv88nRfXzfx3PH2nsOG3nsn6GM68KlaHsCB0XyTL-dlZMqqlfuypzlQle_Mf8NZHFoHvGDulO95Q8uVw4gomC39_TZXlRDGU0EqLSsGbLDZuzM48313y1SYJhIBP0h16i2iy-04sCTnWoY3FiuH56fZMdzgYRoSHY7Gx7CqE7pCr-xylKY6_WOehG8nT1i-vhHBjB78wB8ZwEFtmI3H45EieWL6duUoOK9Sho05AkY-yI_aIIcUcAjpCTowPwYo_24_WxPX9R7B79X5D5ZyPomX0gnol0DGH4bUwDgeJXPqk6Ed-8pvk4R3bDRNWlIt7i_UmEwlYY0_QauaDe7encCry48OQ3LE6MK8NdZLfEh9-zA
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 37D2 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 6DB6 		209 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wlfi.secondstreetapp.com&callback=_gfp_s_&client=ca-pub-1371259615228212&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ca05d8db9b44516093782c2fa0e64faa5b88098b98173cde06f885432f1625a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 6DB6 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6DB6 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0C61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1371259615228212&output=html&h=90&slotname=7232116900&adk=1483507816&adf=615122506&pi=t.ma~as.7232116900&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604331928404&bpp=18&bdt=318&idt=476&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&correlator=2308923708&frm=23&ife=4&pv=2&ga_vid=131401762.1604331925&ga_sid=1604331929&ga_hid=1446330410&ga_fc=1&iag=63&icsg=2698&nhd=3&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=1412906946&scr_x=0&scr_y=0&oid=3&pvsid=2459483705012349&pem=574&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.p8xae9wd943g&fsb=1&dtd=536
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1371259615228212&output=html&h=90&slotname=7232116900&adk=1483507816&adf=615122506&pi=t.ma~as.7232116900&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604331928404&bpp=18&bdt=318&idt=476&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&correlator=2308923708&frm=23&ife=4&pv=2&ga_vid=131401762.1604331925&ga_sid=1604331929&ga_hid=1446330410&ga_fc=1&iag=63&icsg=2698&nhd=3&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=1412906946&scr_x=0&scr_y=0&oid=3&pvsid=2459483705012349&pem=574&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.p8xae9wd943g&fsb=1&dtd=536
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMnELZsfipk0Bbv_pQyu2a0ID7NiNenui-7mO3H8b6X6RvF9MOgA3Js3uA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 02 Nov 2020 15:45:29 GMT
server
cafe
content-length
199
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
log.gif
includemodal.com/static/ Frame 4790 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=3f427660-853d-419e-8dae-e21446032c09&url=https://partner.googleadservices.com/gampad/cookie.js%3Fdomain%3Dwlfi.secondstreetapp.com%26callback%3D_gfp_s_%26client%3Dca-pub-1371259615228212%26cookie%3DID%253Dfdbbdb8bdc15bd1c%253AT%253D1604331924%253AS%253DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6DB6 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928345&url=https://partner.googleadservices.com/gampad/cookie.js?domain=wlfi.secondstreetapp.com&callback=_gfp_s_&client=ca-pub-1371259615228212&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331924%3AS%3DALNI_MYiccHSGTtAafVvata1lVv_teRwMg&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
osd.js
www.googletagservices.com/activeview/js/current/ Frame 6DB6 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:28 GMT
truncated
/ Frame 0A21 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
763963b0b2bdc41bada0a46a0117897e78fabe314a72c7924e2c4b9cd96d9915

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
geo.json
get.geojs.io/v1/ip/ Frame 57C0 		304 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8a51a3627d47f033bb3e8baee3ab6b74a07781b930a5204b1ede5f1975b55e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
access-control-allow-methods
GET
cf-request-id
062b3b95f40000c28137bb4000000001
x-request-id
cf15458b27a5b502edb1ef55b0f6262e-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yEIXaWXgRS73C8EkuPBax2j5LM%2FHDTCC6NtJ2akwUh0opJwiEAtUe%2Fzp6eiJJPkDnMnR5P%2FmI%2F2Jvhct8jinn7aXUuvlXSlVKoDsLzwUZdnwcaH0MfwgC9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
5ebefb9cb8bdc281-FRA
wlfi.secondstreetapp.com.json
cdn.vuukle.com/ads/ Frame 57C0 		0
0
ahmpb-1.0-min.js
www.justapinch.com/static/js/ 		226 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cbed18e97d7c679ffb50034dcf0a26b0b527651ff5ce3c242c0df5de5b285fca

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 13:01:48 GMT
content-encoding
gzip
age
9821
x-guploader-uploadid
ABg5-Uwdo9FUzGVpzjFs4XhpjoCR6pe3Nn5WcH-uQ-6v51_H12M_T36-xlnw-ftRp_I2Xz_UqBg6a7gpBYhrlRPEqgo
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
72958
last-modified
Thu, 23 May 2019 04:12:04 GMT
server
UploadServer
etag
"d5faab7c659dc1391fe6796b384f5e83"
vary
Accept-Encoding
x-goog-hash
crc32c=2fp8IA==, md5=1fqrfGWdwTkf5nlrOE9egw==
content-language
en
x-goog-generation
1558584724412802
cache-control
public, max-age=86400
x-goog-stored-content-length
72958
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 03 Nov 2020 13:01:48 GMT
/
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame 0A21 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=8049021&referer=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:29 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
c
pa.rxthdr.com/v3/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pa.rxthdr.com/v3/c?publisherId=77361626-29f3-4a0b-acf4-156a20f0699f&host=wral.com
Protocol
H2
Server
52.204.18.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://wlfi.secondstreetapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:29 GMT
server
nginx
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-methods
POST, GET
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
cache-control
no-cache, private
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C9F4 		282 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156734&zone_id=747340&size_id=2&alt_size_ids=1&rp_schain=1.0,1!insticator.com,4cd377bb-c455-40c0-9c7a-667505450792,1,,,&rf=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&tk_flint=pbjs_lite_v2.44.7&x_source.tid=84dfc35e-fc63-409d-83db-3357d78f7919&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.04424265279073758
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
328fc17affbc461fe665a471a86ea5095b639ce368941c6bab82ed0374338347

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
282
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ice.360yield.com/ Frame C9F4 		98 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22336adc256f37cd8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224cf8b0345e6024%22%2C%22pid%22%3A%2222111523%22%2C%22tid%22%3A%22984d63df-daaf-44ca-8bc2-372e8cb02173%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69a115628257f5449c515b2d4fc3b8cd0fe24086ea4d54d9b3beffd12ceba586

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:29 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
content-type
application/json; charset=UTF-8
content-length
98
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ Frame C9F4 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
3a5e012b-0a10-45a9-9411-f6e487f1023b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ Frame C9F4 		0
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
cf-ray
5ebefb9e088acc4a-ZRH
access-control-allow-headers
Content-Type, Origin
cf-request-id
062b3b96c30000cc4af2b70000000001
trinity.json
apex.go.sonobi.com/ Frame C9F4 		193 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210d3272b775e6f%22%3A%2276795fc5b7de0e74fce0%7C728x90%22%7D&ref=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&s=3b269125-2bef-4c21-9954-ee15326415b7&pv=a9c1a3f6-d201-4fec-a3ec-96d98366ec1e&vp=mobile&lib_name=prebid&lib_v=2.44.7&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
206b4b240bcc3fe4e4c731079c866e976a88cfb2556bdff4d5e335f3a81c51dc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
179
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C9F4 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid
bbd53259-b660-4666-99e9-de0a4e1e69a2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
insticator-d.openx.net/w/1.0/ Frame C9F4 		172 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=218daeed-a369-492b-8d57-d63d780a287f&nocache=1604331929202&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&aus=728x90&divIds=div-insticator-ad-4&auid=540833000&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
cbfc00265e5ea9e296aabb4e709eaa6e6c9419bd4b0a129956bec78c2fc96caf

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/74418/0/ Frame C9F4 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74418/0/mvo?z=1r&hbv=2.44.7,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
cygnus
htlb.casalemedia.com/ Frame C9F4 		25 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=297143&v=7.2&r=%7B%22id%22%3A%2217fa355cbd6451d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221816f7d7970ee9d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297143%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9125982d21b1f6ad4bd9e8426bd64d9e2d929e5618e27ee7ae55130ed36c563b

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
45
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 02 Nov 2020 15:45:29 GMT
imp
g2.gumgum.com/hbid/ Frame C9F4 		253 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18045&pi=3&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.116.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f11e56d8c9b83b906d6b7280c0647017efc40f58b1e3213e981ffb6376788a16

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
header
hb.aralego.com/ Frame C9F4 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=wlfi.secondstreetapp.com&u=https%3A%2F%2Fwlfi.secondstreetapp.com%2F&ru=&adid=ad-8A2A7A833A3866BB099D4B6286ED748&w=728&h=90&tdid=&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&fp=&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wlfi.secondstreetapp.com
date
Mon, 02 Nov 2020 15:45:29 GMT
access-control-allow-credentials
true
connection
close
hb
ssc.33across.com/api/v1/ Frame C9F4 		66 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
8141e3f53719e57a564f26ff6b468ff9b60e5b1e112a89293627ef8ce1f52ce6

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C9F4 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid
355360c3-a7cb-495d-b19e-e795a264a248
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame C9F4 		24 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.44.7
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
41e641db7b510f5b615800dae43d3068284e8583fa29730ab2c8ffbad6b22548

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
translator
hbopenbid.pubmatic.com/ Frame C9F4 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
/
hb.emxdgt.com/ Frame C9F4 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1604331929213&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
c
pa.rxthdr.com/v3/ Frame C9F4 		47 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pa.rxthdr.com/v3/c?publisherId=77361626-29f3-4a0b-acf4-156a20f0699f&host=wral.com
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.18.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/json

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
server
nginx
status
200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
pixel.gif
dh014lg6uwepv.cloudfront.net/ Frame C9F4 		35 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1604331929170&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=wlfi.secondstreetapp.com&ad_unit=wral.com_Web_728x90_1&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3000:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
RefreshHit from cloudfront
content-type
image/gif
status
200
accept-ranges
bytes
content-length
35
x-amz-cf-id
ye1MFxVutSY-eeQQ8J-jJNyjxkp8optw5RUrj-NuyCXEX72D0AcUAg==
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://dh014lg6uwepv.cloudfront.net/pixel.gif%3Ftimestamp%3D1604331929170%26site_uuid%3D136953cb-88f9-48b3-9417-8f28d8a3cf54%26hostname%3Dwlfi.secondstreetapp.com%26ad_unit%3Dwral.com_Web_728x90_1%26impression_type%3Dil%26device%3Ddesktop%26country_code%3DUNKNOWN&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame C9F4 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928044&url=https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1604331929170&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=wlfi.secondstreetapp.com&ad_unit=wral.com_Web_728x90_1&impression_type=il&device=desktop&country_code=UNKNOWN&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
view
securepubads.g.doubleclick.net/pcs/ Frame 57C0 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyxl164kVnJIjTcctacbwO6t7_LD7WAfcdcv55JFZE-khb_7bADgORQUDukaMtz1mV7UsTzxU4RdUZ3C1B55eES0l91_9f9y6HDEsUxYHBqDI2XAzoD-Jk8NJ-uP1A6fsWSwK4KaMu54PKYZvmwrJOYcMeAcmDn-O0kHlujgY-dxCqCHh6QUsXnFGx2Er-omXYwNcNBxKlOFF4vJ3VQ-ybNfnMk4nOU-Vp8Gvl7MMq1T2MzNqO3l5lVLF_ojyNU0h5IZz4tekda6YUQBcToXWj-5ntFkdrMepj4T6JNiovxsY&sig=Cg0ArKJSzAzNH0Bj2ujfEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/ Frame 0A21 		267 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17431afd408cc1d699edf44f76374f5fa3aaf98a26783dd1773300dc1081fb5a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
BbDY9X0fJin5BlfTgTTnaY4Z3OBxxi4E
content-encoding
gzip
last-modified
Fri, 16 Oct 2020 04:56:49 GMT
server
AmazonS3
age
393
etag
"a70e95ae42b557ce629f03064b23c572"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
date
Mon, 02 Nov 2020 15:45:28 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
s7kaJpTfHYuxT67CugXnOQX6dKDs951dC50GD9L_jB4E_ZdfZ9IFyQ==
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 0A21 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331929123&url=https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202010061403/ Frame C9F4 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202010061403/wrap.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87b388e6162cded936084f785f9d34e7f8da8d24fe3729743babf75bdf51fb0e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Age
378
X-Cache
HIT
Connection
keep-alive
Content-Length
52616
x-amz-id-2
EFJN3jpcko6N7Nz9nXfY2noZQF4xQAthLMx+VVYhPgdJ69AXdEU+dHdqoh5JFp11QOjqtXfUO+w=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Tue, 06 Oct 2020 19:04:54 GMT
Server
AmazonS3
X-Timer
S1604331929.342715,VS0,VE0
ETag
"6b821b280717d16f7b1464cb9a864f8d"
x-amz-request-id
B674B78DC9846129
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
671
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202010061403/ Frame C9F4 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202010061403/wrap.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
208a83f9f7f042b5cc8033b749807bc33bc75e066642a5a1cd7d77730cbc5085

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Age
125
X-Cache
HIT
Connection
keep-alive
Content-Length
21685
x-amz-id-2
6Xtz2UK75/19evcOD/jORlSSb4wW6rKzZKK3tJCAHPuaLk/ghZ0ef1zafjDmQyjf1D15WcHuOic=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Tue, 06 Oct 2020 19:04:56 GMT
Server
AmazonS3
X-Timer
S1604331929.404868,VS0,VE0
ETag
"6d9be48b6b8837aeabd7c8047baee5cd"
x-amz-request-id
D6803DCB94A278E5
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
182
log.gif
includemodal.com/static/ Frame C9F4 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928044&url=https://confiant-integrations.global.ssl.fastly.net/gpt/202010061403/wrap.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame C9F4 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331928044&url=https://confiant-integrations.global.ssl.fastly.net/prebid/202010061403/wrap.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
matchup_entries
embed-740867.secondstreetapp.com/api/ Frame 5058 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/matchup_entries?matchupId=2966139&pageIndex=1&pageSize=1
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
551dc22b3bd981993056e6522b3f83106fa055d4bc74a6d298d57a9829e15e3c

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|030509f9-6c47-47f0-b30e-7ac8dbd58c2a|C69601|CD15
Cache-Control
no-cache
Content-Length
2932
Expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 16F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3677
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 6DB6 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup3QKxM37PrRD_1O0IHWMLsOWDegCk8Ji7R8s8cB0kkJnqxca50Y8kA8Ic2sLfrgPW-twJAC3_7QDn2VQG51nFyjZpLdDFnVgp3oapv_LxCsweFjZGckNfe9t54X5eP4ePEh-Zv54WoZuOkdCLkbOcxRTIDdPg4cgGvGMspDyikm1yG_hvh2e0GPdYWdG3u5N6Fb5j4GhAS9eULGsB-IXY0Awb0SN8g_dEVu6KQS7TFMWpvZgEH0SVTAYK9qDV_m1udpSk3f6-l8b5FB8NMs4cQ1Awllr__pBE4owgwXu-gw&sig=Cg0ArKJSzGW8T1axO6NBEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6DB6 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91ee4c8cf026de6feccfd29b596b4e50aae251ca23067a5a863d2bc347369e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6516
x-xss-protection
0
/
geoip.insticator.com/json/ Frame 0A21 		204 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Mon, 02 Nov 2020 06:10:37 GMT
content-encoding
gzip
cf-request-id
062b3b97e8000005d830b7c000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9996
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
x-ratelimit-reset
569
x-ratelimit-limit
10000
cf-ray
5ebefb9fdc2d05d8-FRA
instbid-2.44.5-21-gb90761d.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 0A21 		275 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:4400:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ba502ecab0bd6b9bfdff438ee33ff556ef77484c3a6da888d264d25f082252a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 18:38:15 GMT
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 19:11:14 GMT
server
AmazonS3
age
76035
etag
W/"1a3ed0c46fb2b952e1f12a357f6bbf98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
cWKL1CE2Z137GTm2CJeaWcUT1SRXQoe0
status
200
x-amz-cf-pop
HAM50-C3
content-type
application/javascript
x-amz-cf-id
j-hLWb8eO77V8oTO5_zvUO9VVAfSrkaArSP0QDwcjiGufBsa7FLk4A==
via
1.1 c46d7c5a8bf0a3035249184c40b6aea4.cloudfront.net (CloudFront)
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame 0A21 		116 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d43c3406e58ebfbb2992f4993d5948d5ea2c9adf4433a763ca424b52d77cd9e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Age
2439
X-Cache
HIT
Connection
keep-alive
Content-Length
25037
x-amz-id-2
5RVCli3K1TjU3+Jlt8LHAdkz9TBKQMfJ5gGI+z3bd2vyKMVxQjquT9UcxcxFTkPezEuLWOmKI/4=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Mon, 02 Nov 2020 14:22:57 GMT
Server
AmazonS3
X-Timer
S1604331930.602125,VS0,VE0
ETag
"f50b77b3de0709c247ab00d2999161a1"
x-amz-request-id
ACF8C92090C3E706
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
170
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 0A21 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331929123&url=https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 0A21 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331929123&url=https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6DB6 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:29 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.182.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 19:16:47 GMT
content-encoding
gzip
server
Server
age
73722
etag
14b87a812615d68493a97e70b7b323fb
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
C-QDLOhvsU-5jx8BhSSD4m684XRTW_8hKlTNHndhGK9eHCEC-bGOuw==
via
1.1 7eb78201dd5759c1d23b9ba1db9d8cd8.cloudfront.net (CloudFront)
trinity.json
apex.go.sonobi.com/ 		224 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F281191609%2Fcityspark_heartland%7C2069a2a8aabbad%22%3A%22300x250%22%7D&ref=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&s=25adc5d1-6f9e-4682-808e-f519ae88d737&pv=24e63545-6270-435e-b254-834c0c793681&vp=desktop&lib_name=prebid&lib_v=2.16.0-pre&us=5&ius=1&
Requested by
Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
71a043c310faab4e07ce9ce21864a518f188129eb9969403c625479925e21009
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
199
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		24 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=359592&v=7.2&r=%7B%22id%22%3A%22328f28fd48c39a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22434c97a354390a%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22359592%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
02a419af669ac11c928c3ffa8e87fe9d2fd411dd6d42b6d7ceafaf121fecd5b6

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
server
Apache
status
200
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
42
expires
Mon, 02 Nov 2020 15:45:29 GMT
ADTECH;apid=1A6f5cc5d8-1d22-11eb-ade5-123ff9725662;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687
adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;apid=1A6f5cc5d8-1d22-11eb-ade5-123ff9725662;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=160...
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;apid=1A6f5cc5d8-1d22-11eb-ade5-123ff9725662;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
33c893499967d1700f048ec087dc1d5a236f01950327fdbd4dbb31ccb65e2a8d

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:30 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
1468
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/9879.1/5181477/0/0/ADTECH;apid=1A6f5cc5d8-1d22-11eb-ade5-123ff9725662;cfp=1;rndc=1604331929;v=2;cmd=bid;cors=yes;alias=111701c6b0e9ab6;misc=1604331929687
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.16.0-pre
Requested by
Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
532fade459fe9db4dbb81ab1e7004b53334598291ffd480bce74462c13deafbd

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.justapinch.com
URL: https://www.justapinch.com/static/js/ahmpb-1.0-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid
2fa10b18-0c40-4325-8fa9-20cfaf25bcfa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event
event.insticator.com/v1/ Frame C9F4 		0
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
cf-ray
5ebefba1589705d8-FRA
content-length
0
cf-request-id
062b3b98e0000005d8962f0000000001
event
event.insticator.com/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://wlfi.secondstreetapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:29 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-request-id
062b3b9860000005d80bbee000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ebefba09e4805d8-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7716 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=3734614585611433&bg=!Li2lLQ3NAAU7ZAKtO1ihXJoCyK3AAgIAAAEdUgAAADhoAQcKATGCoxGZ6MWEsqZxpNOKJUjA8dX6fuL46rHMNV0DBOoCwo7v03kbn3lHWFFRDVMC9akwJEL6KaxD0qLjPliCYeyeCaDSTUY39YE0FFVMXySD0Cr7GzLn-BHd9ALvd8FnBCUIfU267b3Zyv7mhFEiPstCuNbDWiS0gDFxRuT40AtsK4NnS9cHVl7z8-ozPeEk-dBKd7qWa4g5jJB9T4fwJxCTwEUN3ASV0xmNNpx1XSog8RC-a7dsIi0j5yIa0016m0advgDRDPNobIEigr5VJd0DnEM4l2T5_MYzX0RJVZT-FKnez3RAnO8nXb4TA7-BztV2Sp5Sc94-m-Epn9Pf0Qq4218qW9_Z2W-bkvHSuuL1bhNCAbm9uOe21CZzXkbT6hAiabtQIKILC2Ia5qBVwriQwZkB2RV73RvVrMEDSnqkyPqeeZIYM_t_o9d6WkX3nkTTckzXOmZFmWfM8jj2KuGgM9k9794AsU5U6JJaYmqSnNgFqviUWa9N7hyr20U5yjWTlnzcNMv50MXbRbHVLc6PT4LAa7lhRfklL2JHOu8I81TQkxChoKWWVIOMN3jaRehYGAfqkYn9KUQS2KzoIPtgM6ltA36uiTEL8lySFAZGt_zw_mVmCTMq3x-hrmpUPcUwNlJh9XhgFh7chavz2CQyjFKNx1l96Uzrr9CaaCezVWYaGz2E1PUCzF3HMS5T8oH0kJxdzGblMiLsViFGSqE6tnf8jXLsK-_VJWJgZZeh1A6iadstn79cED54UXyTgWFZjuVg3GjBIUxWw886fqk0Mt2leOSGVzFTtStTTCMShdgQmCWwHq6hkZ1cVIK1w5tyrLPZWx_T87TjlJxLkJQqGPzT3_tgiro9QmfP-j8G9hp-nno9MrZoJ2WE3stjsEUPfe8fVEATwE98eXvqS8gBRX2sd_gXAA-u06dMgC_pbvjhVZjftOnKmRPdOYN60lgb3i3VEzGFmfSpQHwQqWubZ2yfE_JyQYArMIGCkTMXXsoODxuuTNyRjeypYBZeQCZURyKJPgF44V09YNjx
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
matchup_entries
embed-740867.secondstreetapp.com/api/ Frame 5058 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/matchup_entries?matchupId=2966139&pageIndex=1&pageSize=24
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb9c8c59a004bad9f5bb228312b3bb9cd3ce3d353a15ea810157d2a26220e3e2

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|9f2739ba-0101-4f76-897b-2f633354b64d|C69601|CD15
Cache-Control
no-cache
Content-Length
21243
Expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame C9F4 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtGNQcZ1ETiFuaq4Okk4h6uJz-iDoo4iJwNVMzbr5k8V9yyAnJiap_F9uQS0HNiPpp3x_8kxZF5vey1lqJ-hY1el9i1604vnI-xHXPutajaIEino6n87uw-KH8s43CAfbqW3g3VrF8HjSjLOTPGtwelUj5MhfUqmdgwmczXruag0lqhXow_wXeqjuoU174ZS9vxINjYAFxDX2zMN7XZzjkg27ZIXO91XA7ZZxhEeUovUhL2N9ttnYyBFHWPqvTB5Jm6PHudX62MOXDHRFr6ifkiZ5aMHYo3OkPx0Q3wz_svQ&sig=Cg0ArKJSzKysz6pzT7yJEAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202010061403/ Frame 0A21 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202010061403/wrap.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87b388e6162cded936084f785f9d34e7f8da8d24fe3729743babf75bdf51fb0e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Age
378
X-Cache
HIT
Connection
keep-alive
Content-Length
52616
x-amz-id-2
EFJN3jpcko6N7Nz9nXfY2noZQF4xQAthLMx+VVYhPgdJ69AXdEU+dHdqoh5JFp11QOjqtXfUO+w=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Tue, 06 Oct 2020 19:04:54 GMT
Server
AmazonS3
X-Timer
S1604331930.796594,VS0,VE0
ETag
"6b821b280717d16f7b1464cb9a864f8d"
x-amz-request-id
B674B78DC9846129
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
673
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202010061403/ Frame 0A21 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202010061403/wrap.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
208a83f9f7f042b5cc8033b749807bc33bc75e066642a5a1cd7d77730cbc5085

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Age
126
X-Cache
HIT
Connection
keep-alive
Content-Length
21685
x-amz-id-2
6Xtz2UK75/19evcOD/jORlSSb4wW6rKzZKK3tJCAHPuaLk/ghZ0ef1zafjDmQyjf1D15WcHuOic=
X-Served-By
cache-hhn4024-HHN
Last-Modified
Tue, 06 Oct 2020 19:04:56 GMT
Server
AmazonS3
X-Timer
S1604331930.796561,VS0,VE0
ETag
"6d9be48b6b8837aeabd7c8047baee5cd"
x-amz-request-id
D6803DCB94A278E5
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
186
log.gif
includemodal.com/static/ Frame 0A21 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331929123&url=https://confiant-integrations.global.ssl.fastly.net/gpt/202010061403/wrap.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 0A21 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331929123&url=https://confiant-integrations.global.ssl.fastly.net/prebid/202010061403/wrap.js&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_2.44.7
Protocol
H2
Server
193.122.174.27 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://wlfi.secondstreetapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
server
nginx
date
Mon, 02 Nov 2020 15:45:30 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
319232790
age
0
via
1.1 varnish
c
pa.rxthdr.com/v3/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pa.rxthdr.com/v3/c?publisherId=77361626-29f3-4a0b-acf4-156a20f0699f&host=wral.com
Protocol
H2
Server
52.204.18.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://wlfi.secondstreetapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:29 GMT
server
nginx
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-methods
POST, GET
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
cache-control
no-cache, private
hb
ice.360yield.com/ Frame 0A21 		957 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2237e011a79eb25f4%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223aca0bb5596b1%22%2C%22pid%22%3A%2222111522%22%2C%22tid%22%3A%22a30d297e-6914-4681-8ee2-30b52b8f10f5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
37654d1992fbb1b437c1a6c6f3358ac88a5ff81a61c2b8cf5a1e29580132dd98

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:29 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
content-type
application/json; charset=UTF-8
content-length
957
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bid
ap.lijit.com/rtb/ Frame 0A21 		24 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.44.7
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
3eca54cc0c840a5049990e6c0aaae2546d33bef6354567da122716f8fe916123

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
arj
insticator-d.openx.net/w/1.0/ Frame 0A21 		172 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=d390a812-bf75-4e5b-959d-3fcceb7519a1&nocache=1604331929807&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&aus=300x600%2C300x250%2C160x600&divIds=div-insticator-ad-5&auid=540833003&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
0f0fe5fc92b67f73749fabe7119f1674e9fcb82d6f5eda83f5bca5be336019c3

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 0A21 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://wlfi.secondstreetapp.com
cygnus
htlb.casalemedia.com/ Frame 0A21 		24 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=297144&v=7.2&r=%7B%22id%22%3A%229417d85f5c7116%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210528ef487c9d17%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297144%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2211f159a1c555b2b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297144%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2212af8f6418b0c11%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297144%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bffefb7a5826a4e7a83313fa73187a032708e13596053774cd46aec357415939

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
44
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 02 Nov 2020 15:45:29 GMT
header
hb.aralego.com/ Frame 0A21 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=wlfi.secondstreetapp.com&u=https%3A%2F%2Fwlfi.secondstreetapp.com%2F&ru=&adid=ad-7727D7BEE8A8A6AB12779A779632949&w=300&h=600&tdid=&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&fp=&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wlfi.secondstreetapp.com
date
Mon, 02 Nov 2020 15:45:30 GMT
access-control-allow-credentials
true
connection
close
mvo
tag.1rx.io/rmp/74418/0/ Frame 0A21 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/74418/0/mvo?z=1r&hbv=2.44.7,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
/
hb.emxdgt.com/ Frame 0A21 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1604331929810&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 0A21 		22 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_2.44.7
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
server
nginx
age
0
status
458
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
x-varnish
24297802
content-length
48
via
1.1 varnish
prebid
ib.adnxs.com/ut/v3/ Frame 0A21 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
a8dd8ce6-04d7-438e-a44e-9edf6bf7ed19
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 0A21 		66 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
d2aefc0b91d62da60665f80438dca6017f5c80348784070b313c4f00931aa427

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ Frame 0A21 		253 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18040&pi=3&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.116.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
055804e6e4c1d65f467b57b49f01b0b6d8796c02b5102ee6833c3c588d57690e

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 0A21 		19 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
45e89120-a7fe-4267-bfe8-2e6643c3794b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0A21 		305 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156734&zone_id=747340&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!insticator.com,4cd377bb-c455-40c0-9c7a-667505450792,1,,,&rf=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&tk_flint=pbjs_lite_v2.44.7&x_source.tid=d4c8e0ca-cdaa-40e6-a6eb-c473099a57a7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.31129588481753356
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
81c432d641de3352e78d5b666a67be4bd7b013ed12b0e1d59a6e1881bd289c58

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
305
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 0A21 		194 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22322541e81249b45%22%3A%22d30ed6a6a140ba5f4554%7C300x600%2C300x250%2C160x600%22%7D&ref=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&s=11032d02-4278-494a-a770-a1670aa5a2e1&pv=748c4bc1-243c-49dc-8d52-341170c8dda4&vp=mobile&lib_name=prebid&lib_v=2.44.7&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
44e0485a95754ede655c8bc88b87542239c6e5033adfb11484f252b82b344afe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
179
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ Frame 0A21 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
cf-ray
5ebefba18cd8cc4a-ZRH
access-control-allow-headers
Content-Type, Origin
cf-request-id
062b3b98f40000cc4af13ad000000001
prebid
ib.adnxs.com/ut/v3/ Frame 0A21 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid
0b7db25d-01a2-48bd-8ac7-b9f53972dde5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
pa.rxthdr.com/v3/ Frame 0A21 		47 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pa.rxthdr.com/v3/c?publisherId=77361626-29f3-4a0b-acf4-156a20f0699f&host=wral.com
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.18.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/json

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
server
nginx
status
200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
pixel.gif
dh014lg6uwepv.cloudfront.net/ Frame 0A21 		35 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1604331929792&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=wlfi.secondstreetapp.com&ad_unit=wral.com_Web_300x600_1&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3000:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
RefreshHit from cloudfront
content-type
image/gif
status
200
accept-ranges
bytes
content-length
35
x-amz-cf-id
quz4ALpwwDsjTtr67CYJ3wfCm48eE7p3WFGQAa9Xv59gO3VUwXnBEg==
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://dh014lg6uwepv.cloudfront.net/pixel.gif%3Ftimestamp%3D1604331929792%26site_uuid%3D136953cb-88f9-48b3-9417-8f28d8a3cf54%26hostname%3Dwlfi.secondstreetapp.com%26ad_unit%3Dwral.com_Web_300x600_1%26impression_type%3Dil%26device%3Ddesktop%26country_code%3DUNKNOWN&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 0A21 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=1&token=1604331929123&url=https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1604331929792&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=wlfi.secondstreetapp.com&ad_unit=wral.com_Web_300x600_1&impression_type=il&device=desktop&country_code=UNKNOWN&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 547D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3677
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CFC 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=173959359066552&bg=!m5ilmLjNAAVJFlVVSVjAA2CaoB7o-QIAAAFyUgAAAB5oAQcKAFndpCxAvn8OeuPq7R8_1s73K0hnjPhRQLJa0Sst15XQEL8BuS6H2YT-CuWm6OeVoyNeOXULJVYd0Tw7TL3bDz7seNpHi6TJlPeTPpn1xbOROHgqKWIZoM680ZkB2RZziKg9yWM3nFDi7ZEi-Ti0vA_5BuFUMMS2wId8ZbDe99qJTcJSinG2h9e6AbtPuPMKZbFzBjEUxofNnXjvXdYHGzHKmvUxxDsmYO5dbPXF0ACtuap7A45oS3_LXT1VYf6AZrgWE4aQ38h63Av3JRx7_kCd-UdwJsSzM42q7YbFPGPofHF4PST2Kk1mdPtcUXi1OGP6Id-IXmMd-EyNHaPHyAJRCoEB6v44-DXA2CgWHJd01cqtkDhduM5h8b5_b7TPzbY4V-2FjVilagKwSVGQENZal_GJPqnfr3L0JCcF_5th63ZF2tYNHip8M_qyFo_YjuDDTa9lUoSY15thklIz6cVHLDGClf4-tRCIIkrTvQTCdLrsYnNJeQGJG-EY8DPxPcBjjNucLZ492cjsCghplQOVx0iW36zKaPa1oQNi3adRxyirUn-R-EgpbiIcwtOgL2-hys-WRrCldWVbOdev7R8Qqglx8KBso8yvVxgiIG0veAHp5fs2idfc55ZliM3uSMeR6aV7OH3W0x1L3sL_JTWYd9A4GgN8HWuDXu2rUZ0NzxO_zBsKrwYwtHQilAV7BenESCTtpu76YSX6Bwv9KCKwoSIDjBH1BdE6gmqGNjxBcMw9HjoD
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37D2 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102801&jk=3596564744389964&bg=!Z2SlZETNAAU7ZAKtO1h9CcAS1DP2pwIAAAC9UgAAAB1oAQcKANMFObAdjLJcz0p5IET4fSmgyBjlueiBt73rXE2XR367efcA88CEoYMMiQywcE4uRyyv1tIaXYe-xjx7tlaYr6Tom0QzZTXechuZywgOgw57BRlRhxx4VagqaLjVCUCLfpAFv1d8cBOh-bGBsuASTa93tFdJXe4EsKyy6F7gRvLk9hOO12uapRp25u2Me7MiTfkdhUDfzYbdB3bu4lsOG-WF0jQFtihtsQXYToqxvmwcqkBbcv5QFopptXTNX7YVRMCESfPb7aolM6-8m9zrzcrQh0p2mQHZOkcyjvgnlE0n1rEvAcbZHW7PVOvNgYgZ9CQxR8KLBbP5G4PiAk3osPcM8GfT9B2ixs6b3h4L3kDJ7mh7IwkU3QjhBilIcLKP2F43iowHJj1F3KO9TrMe9tRwsveH0rwvvxG3t1SiRwPw7eqaIJULtROFUJJEaXSp2IfY481y3goPlCX0fhywVlX-EkEJ2zBb8rHVDkzytSb-x-F_9EU7Ot66hbuCPyjNeV0zSZBusrdpia5_NsfRCj4dcDe53G4vBqoKVUrhMMy9N5XVQT3sPQRIp_pqzOTDUsbAADEGXaWiXBS5addk95rkLgV5B2jCgx_fUDT0qq2pu3UWSn2T1I5Qenr5ny1rn9X2crgIl8ivMabkj2uK_ZNKMcQJM1OaDM5s6DQ5fD70Nks36zyt2Pr5_M5nSOVuIhgRO5jUV9FmAfMlPBppj3eKPx1FNqasBpCHN85S4ShvCkYkkCUwYFcaXtoVztMfuj-_op_YrEudW1gINnIdFhlOiSifgaMhjCJcSuWq9TI8d3gY4az2TQ3oA4c4sG5MD_0Es8xQBV0NqWxGzyiKDlP3DTGKBENcoL_0B6WgF3snd45PkgwLbPGYisq5EpKWiXmUKVzIGOQxkANZll-_aKI
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&pid=DXgFcVbO4IoTE&cb=0&ws=1600x1200&v=7.57.00&t=1800&slots=%5B%7B%22sd%22%3A%22ahm_widg_id_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=d1dd54fa-53ea-4197-83d4-a648ea31e0b3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.182.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
via
1.1 7eb78201dd5759c1d23b9ba1db9d8cd8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
F9zWZjED3NLqJ9MHTd225FCKuErnyVJHbu0uy7GFDR1ILD6S_zuuzQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.182.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-122.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e37f79ad8aac2f2f2e74a09fc473b7bf.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
pVB1axH7m5K13f0vcar7iq4QpJoiOeBzqIzeLGXiFGkJDrgvKQyorA==
gpt.js
www.googletagservices.com/tag/js/ Frame C9F4 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60881a3afc37085b8b47e581d598a235a9ba7c0ac1b29a8738609a2aa74d48be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 514 of 1000 / last-modified: 1604318945"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:29 GMT
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff
fonts.gstatic.com/s/muli/v22/ Frame 5058 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302f0fbc9d7907bf57c61dfb1a6cce18b65b7ef936e71d9177f278793e4b7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://embed-740867.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=Muli
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:31:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:50:33 GMT
server
sffe
age
274436
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13532
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:31:34 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v55/ Frame 5058 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v55/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://embed-740867.secondstreetapp.com
Referer
https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:20:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:12:32 GMT
server
sffe
age
275084
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82492
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:20:46 GMT
FontAwesome.woff
embed-740867.secondstreetapp.com/assets/CSS/fonts/ Frame 5058 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/assets/CSS/fonts/FontAwesome.woff?v=3.2.1-ss-21
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/CSS/consumer_entry_showcase-06b291b9de861bf802f8dc129279a906.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84cb04380aee1422ab6395a3e5580e168e346216aea097d99613c97110cd8a57

Request headers

Origin
https://embed-740867.secondstreetapp.com
Referer
https://embed-740867.secondstreetapp.com/assets/CSS/consumer_entry_showcase-06b291b9de861bf802f8dc129279a906.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Last-Modified
Fri, 30 Oct 2020 01:49:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"02aa2e45eaed61:0"
X-SS
83
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
127304
0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v7XwDgw.woff2
fonts.gstatic.com/s/ptsanscaption/v13/ Frame 5058 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsanscaption/v13/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v7XwDgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bcf402022b80b94497b8d15bd4ed43484818b00a1d8f643b0639b23e1793273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://embed-740867.secondstreetapp.com
Referer
https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:35:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:32:16 GMT
server
sffe
age
274190
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11844
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:35:40 GMT
3709623
media.secondstreetapp.com/ Frame 5058 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709623?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49ae5b9d102ac9f5294ccfdaf75c94a811f4ef2a07b43054d534145a8e655921

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
image/jpeg
X-StackifyID
V2|c84c1cbc-8548-4b0d-bbf4-b13f31635ef2|C69601|CD12
Cache-Control
public, max-age=31536000
Content-Length
32081
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709629
media.secondstreetapp.com/ Frame 5058 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709629?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
596408006d905b12d73a5f9cac306fde2f223d018c1a9f54be592d4450da44b1

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
114
Content-Type
image/jpeg
X-StackifyID
V2|3a791440-de40-418d-a4a5-c9e54ac69111|C69601|CD9
Cache-Control
public, max-age=31536000
Content-Length
23978
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709639
media.secondstreetapp.com/ Frame 5058 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709639?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f1f0bbca06942de0af05ef9012d27e4706b14fae13cb2d1189b8c64d384a3879

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
image/jpeg
X-StackifyID
V2|5e033769-c33b-4e1c-9e6e-ffad9abea1f0|C69601|CD15
Cache-Control
public, max-age=31536000
Content-Length
31143
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709641
media.secondstreetapp.com/ Frame 5058 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709641?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
699d48fef1d89053889a4e69408fbd47aa17111e4f0fd00c16881ad2be49b4cd

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
image/jpeg
X-StackifyID
V2|1010d428-3cca-4bdf-96e3-0495ac555bbb|C69601|CD12
Cache-Control
public, max-age=31536000
Content-Length
27381
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709670
media.secondstreetapp.com/ Frame 5058 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709670?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e8310bad9ac2deabbef52755a2470c6971d9a0f7a6f180895e036b72c2ed784

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
image/jpeg
X-StackifyID
V2|12e3dddc-ec50-42a4-a15e-e9d81d72b062|C69601|CD12
Cache-Control
public, max-age=31536000
Content-Length
19825
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709763
media.secondstreetapp.com/ Frame 5058 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709763?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9a470a58a7a73da5bbd94a674da46bf682c19fc5558cd411d0ffa80dbff7d54

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
114
Content-Type
image/jpeg
X-StackifyID
V2|23a2a12a-2bc8-42a9-aa5f-7491aa890e49|C69601|CD9
Cache-Control
public, max-age=31536000
Content-Length
11923
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709755
media.secondstreetapp.com/ Frame 5058 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709755?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ee55882dc71b76d792c91777b00fea6e29feac3113828ffd0920f0bc6a145c7

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
113
Content-Type
image/jpeg
X-StackifyID
V2|f34d67d2-2c9e-42f0-b573-bee76cd52e96|C69601|CD13
Cache-Control
public, max-age=31536000
Content-Length
25597
Expires
Tue, 02 Nov 2021 14:45:30 GMT
3709781
media.secondstreetapp.com/ Frame 5058 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secondstreetapp.com/3709781?width=300&height=300&cropmode=Fill&anchor=Center
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.14 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
07beef35e9bf20b1aeddce63ffc7d95eb58dbd6c27d9832f31178e79ecab3855

Request headers

Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
image/jpeg
X-StackifyID
V2|81ec8595-a947-4b51-add0-7ffe84ecc096|C69601|CD12
Cache-Control
public, max-age=31536000
Content-Length
31071
Expires
Tue, 02 Nov 2021 14:45:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DB6 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=2459483705012349&bg=!cXKlclLNAAU7ZAKtO1j54MYLThhYRAIAAAB4UgAAABNoAQcKAd68GwnE91IzyTwIWk4q6nVoy0aEMKt1CJic5V4JdMAz6XgA9sLXym29qjLlf1_1jMTDhGvLPVKfKZV5z7YU3_7pYqaGeMrVvgLafx6QpUplARw5sD1f68Q_m4ooCbVToMU8WQw5579BYdrngxY0H93Zmmu7Mwx6s30FqkyKiimmJ1-gKDZjySleVzCvns9ndsSoLABvRSv6Pxt5Ug8YEqITh2Q8mO5WAoHOH2l4etViZQOKF8PCcJJ1wZxTkCAYl03BE8DN932bZwXxeFFgUlOwNtQJ8lgPH-4YAaVmVN-3blKqM3GvYOkxy2PpYBhXtw7b-SrpC7Hboou0lWgnGCycIXTUadOzppHfuhB9JFb70IfrMchck1eLcO9ACcNuMiPxEEP2IYozyEK0G1LjrcC0rMemYbEjEmjlKKWgMuntpBg-uCy2-5CScGaXEWeXTC8gvUek26gSeXqIXvIP5myM6_CRrpdScK0EhRti1Y7hxg8U7AhEnfSvyCWbBkQ8xOlR06qnTjXuR2AWCSUj89TBZZ7C_SB5Yh3vghtwIccyi4iGMo9Y0JqWfpMynkHzI2Bqdc67Ew7sewXzCI1Zx2dLlAFIvCktd1ZLPaXHoeaBTphI3pWyoOzqtN0l9onmmQHf4Labbyn6Xs8gfSUNdbvZ1vtRWVxkVgqj7qJVON_jEEEldZ5_PmO6DQXNFoLtRsFum5O2t2AxOA9eFqj8DnhpY4E3V0aDkX-GFEj__9dZHjpwFzT37v4L4_YmcY11dhmqZzIWAcRp6kVn6qq9BdUrgFhm4E_w66p2r7EYHV2rAKoItInjdXhDs109ukdpFGGXK7Od4-Ke2fx4Rlu-0HQZszAt2ItlK6uKx0VQVk446zFkVtHLpER1J1lJ5flBokFjVP5V3iOtZA7nsRJLodeRrgNQJz2AbKxGXKTblawum9j-Nip7bpz94Vus2O8M5RvoXO8cFsKWQrHVlLoaZgldX6J8ePEnlsgnFDUqagxT8dZ5CHw1ybcnAN1E0I6coH70nPJxOSUL4jZZMVG-gIbQqYX4mlAgOpvu2zimJG5LMYJKM46d4EobrsBQkOwpYyY-xg5forVPS0QlFVg7HlBNdIOrB80B6-HSFOyHCV26bdLoVO10vD7K2Pl2ugoAwUcKM-pWKWdm3gmuKshiTVyEToNnSSLAO0Jk2GDxGCHmIhcLKOiDuU1Dg98MV9ieycNOVMVzKte-k0YtuwxJEQs-GclCk14cbvVMkHvJM2Be4Fu_LXI8hT9ZM6WUw92W94I
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
x.yieldlift.com/ Frame A100
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:30 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid
a13854e7-15fd-4d58-b36e-5ef1f999f4f3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame A100
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
setuid
x.yieldlift.com/ Frame A100
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24E...
  • https://cs.emxdgt.com/umcheck?apnxid=2439992024379757519&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID
  • https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2439992024379757519brt153591604331930737043f1
0
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2439992024379757519brt153591604331930737043f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

status
302
date
Mon, 02 Nov 2020 15:45:30 GMT
content-length
0
location
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2439992024379757519brt153591604331930737043f1
content-type
text/html
setuid
x.yieldlift.com/ Frame A100
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
0
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
x.yieldlift.com/ Frame A100
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=3639051305
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=3639051305
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=670658c3-09f4-4a71-9b63-45ca3f996005&google_hm=NjcwNjU4YzMtMDlmNC00YTcxLTliNjMtNDVjYTNmOTk2...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEXqREqZu3aihNCinEkc-Bg&google_cver=1&ssp=adconductor&bsw_param=670658c3-09f4-4a71-9b63-45ca3f996005
  • https://sync.1rx.io/usersync/bidswitch/670658c3-09f4-4a71-9b63-45ca3f996005?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003?redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
0
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
Tengine
ETag
RX4ae7e9c070304debafdbee81e3cd3a9f003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Connection
keep-alive
Content-Type
text/html
sd
us-u.openx.net/w/1.0/ Frame A100
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJWPxOJca5jGh1ZpeX3Qr4U&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJWPxOJca5jGh1ZpeX3Qr4U&google_cver=1
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:30 GMT
via
1.1 google
server
OXGW/16.197.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:30 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJWPxOJca5jGh1ZpeX3Qr4U&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0A21 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNj-3A5wi0U1x758497COb9C48KvHcoCxIazOzEsyhgbmpjMDuWIeQlANZ_8EwnIZXBkT3KhAdJhAYNBl4oa0d2W6lLMnOAIFsY7OY0tSAa4YkrztMTKdml3WIzOixPcuD4GKofCN0jNiUXPM-2NL8RHPenhhLzezURR9oVIQP8Msskck1OMdN1-jOE9aMylYuN8l-8HJM2jMPr26kwBF6tzMPUsJPIGb3IwfTV95YwUojkN7X6ahadiKlM1POetI3BkdXo8HRkasemgtgaT9zxW2cS03S_cLx97USyDydOw&sig=Cg0ArKJSzPaL79H3f_16EAE&urlfix=1&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ Frame C9F4 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:30 GMT
domains
embed-740867.secondstreetapp.com/api/ Frame 5058 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/domains?organizationId=322
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70a2d53e93236eed330e77444ade4148aa87d3218fa65058ec3916d5626b53b7

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:30 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
83
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|3ee022f2-23e0-4e2c-8bd3-7d29b92253f8|C69601|CD15
Cache-Control
no-cache
Content-Length
2125
Expires
-1
322
embed-740867.secondstreetapp.com/api/organizations/ Frame 5058 		543 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-740867.secondstreetapp.com/api/organizations/322
Requested by
Host: embed-740867.secondstreetapp.com
URL: https://embed-740867.secondstreetapp.com/assets/vendor-501a1eb72ff219239064dbcd51ee27ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.19.89.15 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-15.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
064f40eb034d7b2375d3fae56ff781752b05179f8fde9abb5be6f90d9ea1dcca

Request headers

X-Organization-Promotion-Id
740867
X-Fingerprint
afd0ec3e55509031dd3157ae8417b4e2
X-Referring-Url
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-740867.secondstreetapp.com/embed/37e96a26-4410-4382-9f57-2991ead06c52/rounds/1/gallery
X-Requested-With
XMLHttpRequest
X-Organization-Id
322
X-Promotion-Id
617756
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
79
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|25c4034e-cc43-4de0-8255-761fd3d4111f|C69601|CD12
Cache-Control
no-cache
Content-Length
543
Expires
-1
integrator.js
adservice.google.de/adsid/ Frame C9F4 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C9F4 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C9F4 		30 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1588492031118791&correlator=1920964863285692&output=ldjh&impl=fif&eid=21068393%2C21064170%2C21067633&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=27794161%2Cwral.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26p%3DBTF%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cookie=ID%3Dfdbbdb8bdc15bd1c-22a9311f62a6001b%3AT%3D1604331928%3ART%3D1604331928%3AS%3DALNI_MYxbHRsVvIR8912qFC725fgMgTTig&cdm=wlfi.secondstreetapp.com&bc=31&abxe=1&lmt=1604331930&dt=1604331930566&dlt=1604331927362&idt=3147&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=236&adys=1882&adks=1627582656&ucis=65vsov5zz06g&ifi=1&ifk=1412906946&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&top=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2Frounds%2F1%2Fgallery&dssz=19&icsg=8389282&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=131401762.1604331925&ga_sid=1604331931&ga_hid=922842706&ga_fc=true&fws=256&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
aedc1f19db62ef9645a1ceae7ef270c7488b4362521c9145e4433bafef62ce16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11518
x-xss-protection
0
google-lineitem-id
5449351360
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138320565225
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
33de228d3a216ea755fdb45ca794c38c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C9F4 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://33de228d3a216ea755fdb45ca794c38c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:6000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:43:21 GMT
content-encoding
gzip
last-modified
Wed, 14 Oct 2020 03:23:55 GMT
server
nginx
age
129
etag
W/"5f866f4b-8e0b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
vQlMfYV_e-O65yIU0mWybQ_nO8Drg5JiLY7MOYoIn5YX-_bDShwo6A==
via
1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront)
expires
Tue, 03 Nov 2020 15:43:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f07541f38d45aa73e4be96f6ad8c6d56caf4727d94dedf28db17bd550f77c885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6519
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 0A21 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b4e433c6f2335a41dc9a0080c67da3ccdfa21748ea5895882523a77c86e2680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"681 / 403 of 1000 / last-modified: 1604318888"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17911
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:30 GMT
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ Frame 0A21 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6E7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3678
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wlfi.com&p=%2FWhat-Are-You-Thankful-For-Photo-Contest%2Frounds%2F1%2Fgallery&u=Dh6qXMBvsH3GDLWN7_&d=wlfi.secondstreetapp.com&g=64948&g0=WLFI%20Contests&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5996&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=8768&t=D9B3MvBbNeY6DV-zt7D55GERU0fFM&V=121&i=Contests%20-%20West%20Lafayette%20News%2C%20Weather%2C%20Sports%20%26%20Breaking%20News%20%E2%80%93%20WLFI%20News%2018&tz=-60&sn=1&sv=D8P0rZDy94zsRjCmLNdJVmCs-F_N&sd=1&im=06430c43&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.105.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame CCED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWnuZH6sk7rS0M-zO9DcgWSPne3UQvFR6dLeHBYtHc0PIQaPCSUL5f0uQnlh2Uxw2viJ3wizQoxIyc3UKmQwkl-RVXlT_B9BsnF7P--gc6S840-sUjhrzzlIaM3lI1U0T6T--ouVU9cW-3evgLlxoYXKZHp7oozNP4WFv7uZ5EyX7_1iEWgFVHuMZ_F4H2xkMhd4sRgCaOS59P-xSXsHSdDt8llTjBPbVQBe-sNWitKydeoNaMcf1KGrwC4rA9nyDGuu_LQPq-B4326laFTK5sZ14oNeo&sig=Cg0ArKJSzGsWQh8OYwAMEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/ Frame CCED 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/abg_lite_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7216
x-xss-protection
0
server
cafe
etag
9928567655033844918
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:56:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame CCED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:32:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame CCED 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:30 GMT
l
www.google.com/ads/measurement/ Frame CCED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMylsuCi1iX0yRhs1DbQxoCyUvTU9rOsygKb9H958v1wsxBOVtQpPAGx23OwcMEN1XfQi5HzDO1QNaWC1FDfIHejAQAw
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
4068546183806204155
tpc.googlesyndication.com/simgad/ Frame CCED 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4068546183806204155
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
744ff524d1ce233b0d7f09c86d6ef081fd162cd6187c8cc9df59af32f26d6081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 17:06:01 GMT
x-content-type-options
nosniff
age
81569
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11795
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 16:18:02 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Nov 2021 17:06:01 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame C9F4 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C9F4 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068393
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3488365e800a5eebd527d5ae3184704fdf1b1b45183cf4a396f2b29cff03921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6539
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6DB6 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWz5rcJigHXRGMXe1A9K5WR2lc-uLNky1XCygVctofiy5esK3wtwaLPhDXvi1O0oBpsTILsETZmKgo20f3xm8kmLUeP-EBJws1Uj8bcUg&sig=Cg0ArKJSzH6iCauHxh1-EAE&adk=415602581&tt=-1&bs=1600%2C1200&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&p=0,0,90,728&mcvt=1024&rs=0&ht=0&tfs=1402&tls=2426&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=1241&niot_cbk=1373&md=2&btr=0&cpmav=0&lm=2&rst=1604331928115&dlt&rpt=1419&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C5996&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-5-7-7-0-0-0&tvt=2422&is=728%2C90&iframe_loc=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&r=v&id=osdim&vs=4&uc=8&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201030
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=2131841799352984&bg=!hoWlhaXNAAU7ZAKtO1hUQIWvIAS3lAIAAABqUgAAAA1oAQcKAZNYc-flDewHgcwPGV5jC3LRPb_rtBiC5VGxYmFDf9by_O4p8yX8X_XZa77QpS5YJjPKoJk6byG5gmOzW68ofahMrdEjQKrly_jbpdIH8aEGuTkwiufkI0wF58sF00UlR_IDK3nQuSoSTXZ6u0ne0a9WD7mLvxVt4-ofSiM_7NYXELzv3YVemj9E0-Lxa65YSzbmZb8OSSqUwxoWAbm1XwKCq3hnPi7576F_W4FWGsshiert8rjDaAe2dghoAmEJZfZFfnoTE88inwzBqtBM8y1e8GW4ePoIw23-NYbAEUf1oFO3XsoA2w4WKVbxQnHSiwsF0eFvHIecjejfXvsN-5Esv4ZMchyPXhY5WMuhqgL8COdNDW-zSdw_QHzofz6tuPd2wVpBKDNIdE_L969QAJdM2abcx4d4E1xIWHj33c6b4Vg7516R0DeczwnkSO_uFK-JNUjH_T8RDI27oNA5jp975cm5vvipuajdqnTm2qGE37Mu5XSK5c_g-aqhBHZNQvQzCXlP-OroPr6hm4dDBx4Zd8DOmQGxPyIQluonmjNSxvAbfbBaitpxGRD8drhz3TvX_IRlygsAgoM25cR4_u78eVFbdiHcPUEpJm1JB4eJW4eYPACuWunZTWgdSaaZpUegADCp78Yz3Py1_nQeNAlEgCI5zAt2jDZzKWLaEm-l3hRgRH_RbLy8RCBA5SFt5ll8DxHjXxgpzV9UptOcRIIQrOn_qdFP7I_AzLPgjV6Pw2byJlKKq8ZBV6M8BJH3cnm0rmd4cVlqFyVllhf4c1TSYxVJ9XVye89bXZeZRk_mDbP3sdegXGJ4HDJU5nhPaE2S0ucQjBEZb3jZ_pYzP3BFAwXY9wcKSoc_7cRftOQ0bsjnPi9kLKj14hrhhtUpLwVF_TUjEOhbVYi5agQp7jIZD-eqrhTFrgRnx-6zGp_CfJWNu9skZaR4dUYkt5c1iRva_zNePbjgwnCkv-7yO074o5tffjnvLXx0T28KU7fBLusHdtZsQ_PRUMNIvBDQ1H4j8YDMpWqaOdBzt6oLzLLL7eV1rjW4nB242T3u0PuUrbHxi8sT65kqywpPTq5tCwvn640vEHu81YqkHf9Q7rB4PBuilU5lDQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 0A21 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0A21 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wlfi.secondstreetapp.com
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0A21 		30 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=226454662752638&correlator=4234156657879429&output=ldjh&impl=fif&eid=21067994%2C21065975%2C44730557&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=27794161%2Cwral.com_Web_300x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26p%3DBTF%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331928%3AS%3DALNI_Mb6bsP-sb_J4B7Im-gLipYItacUpg&cdm=wlfi.secondstreetapp.com&bc=31&abxe=1&lmt=1604331930&dt=1604331930896&dlt=1604331928707&idt=2154&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1250&adys=3032&adks=4280580708&ucis=t20mxvzhjf54&ifi=1&ifk=2933166284&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2F&top=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2Frounds%2F1%2Fgallery&dssz=19&icsg=8389282&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=131401762.1604331925&ga_sid=1604331931&ga_hid=1124744171&ga_fc=true&fws=256&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ed4332deb9de049998b51483715a35b5f2e93473a5406687ecf0819b26592db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11002
x-xss-protection
0
google-lineitem-id
5449351360
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138320574012
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ac2e1dc39f8560e444ae96f2f713ed1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0A21 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://9ac2e1dc39f8560e444ae96f2f713ed1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame CCED 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDZhJFZer6pA3xDjU1yvB3U8FG1NG50wz0A2e37ui371-bWJWPsaUR8ozmMPgaWTaQ5zb8_Q2Xzk5eO4yzdnW56B5GbDUdt6EbYdwU63z9uCOGxzDfPdp5o7wbQVwbCeY_6rU30n8S36fCeBDvUK7JvnDVSpfIZJzviIQcDl-Wn1IQ11AFEuFH0B0_CFxAEWSQMd931BlChTvNXtGSlN3yvN5XUTsZoaXmDnWzGiYq2lac7h9aGJiivgyB1MTYyeTZ4Ahwc027gMF5muztNdySUXDDvcQWMQ&sig=Cg0ArKJSzJtglmljNvPFEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame CCED 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0136547f46700914f3b9a051aa2c7cee3a3fc0ad045da6ed24226d0ed111f86b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C9F4 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:31 GMT
RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
sync.targeting.unrulymedia.com/csync/ Frame 1CFC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=2225404143
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=adconductor&bsw_custom_parameter=670658c3-09f4-4a71-9b63-45ca3f996005
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=adconductor&expires=10&bsw_param=670658c3-09f4-4a71-9b63-45ca3f996005
  • https://sync.1rx.io/usersync/bidswitch/670658c3-09f4-4a71-9b63-45ca3f996005?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
setuid
x.yieldlift.com/ Frame 1CFC
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$UIDbrt153591604331930737043f1
  • https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
0
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid
da3fb82c-4f88-4d9c-84ba-4ce806cf51b4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1CFC
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDY1ZDAxMmUtYTg0OC02ZDdhLTQxZTEtMjE0MDk4NzU4NGYx
170 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDY1ZDAxMmUtYTg0OC02ZDdhLTQxZTEtMjE0MDk4NzU4NGYx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
status
200
cache-control
no-cache, must-revalidate
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
server
OXGW/16.197.0
status
302
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDY1ZDAxMmUtYTg0OC02ZDdhLTQxZTEtMjE0MDk4NzU4NGYx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
setuid
x.yieldlift.com/ Frame 1CFC
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
0
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
x.yieldlift.com/ Frame 1CFC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
0
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
AN-X-Request-Uuid
01c99484-dd82-4d25-84b0-7ca72095b46a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame 1CFC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
setuid
x.yieldlift.com/ Frame 7716
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$UIDbrt153591604331930737043f1
  • https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
0
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid
8dbea611-67e7-4741-b151-1600781ddd6c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519brt153591604331930737043f1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame 7716
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
0
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid
98656f7c-bce2-4ae2-95f3-6a9e52006a81
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2439992024379757519
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
x.yieldlift.com/ Frame 7716
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
  • https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
0
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=4363e4bc-58ea-4969-9732-2d9ca295294e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 7716
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
  • https://match.adsrvr.org/track/cmf/openx?oxid=2a32d2e4-613f-33de-5401-7bf952974a91&gdpr=0
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=2a32d2e4-613f-33de-5401-7bf952974a91&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70

Redirect headers

date
Mon, 02 Nov 2020 15:45:31 GMT
via
1.1 google
server
OXGW/16.197.0
status
302
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://match.adsrvr.org/track/cmf/openx?oxid=2a32d2e4-613f-33de-5401-7bf952974a91&gdpr=0
alt-svc
clear
setuid
x.yieldlift.com/ Frame 7716
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=&gdpr_consent=&us_privacy=
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=KH0PT19V-M-8UY9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
sync.targeting.unrulymedia.com/csync/ Frame 7716
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003&rndcb=907564492
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ef4c866a-eba8-49fb-adec-843cf5892352&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/670658c3-09f4-4a71-9b63-45ca3f996005?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:31 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-4ae7e9c0-7030-4deb-afdb-ee81e3cd3a9f-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
sd
eu-u.openx.net/w/1.0/ Frame 37D2
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2165549086040490199
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2165549086040490199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
via
1.1 google
server
OXGW/16.197.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
server
nginx
status
302
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2165549086040490199
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 7775 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPzNIZZ3QTvMXMcm0P2nSuB2_opCbvutEY_-bl8op--VbOKHgbjOelJiQISQCvlUfKj1gC-xlzeBdYvxjhBNYgZkwygltXavsQAuSUoOkZXlwY-9MyuZ9-W4517u8PHr8XNLbQwVGTQ4SrU9uNvZpEjN9RXIeDRGui8C-QeQDgqrlW0ufZ-A2x5D7YOUjuUDdqNgF0JoQJOaILZjPJBC2klnUCtRYohaefN6UHGAHAqK690yFEE5YC_IrxgLYic6m5p43n5OjONyHTrAZqyioOAUjl3iEY&sig=Cg0ArKJSzGzhxA4Ceik6EAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/ Frame 7775 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/abg_lite_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7216
x-xss-protection
0
server
cafe
etag
9928567655033844918
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:56:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame 7775 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:32:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 7775 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:31 GMT
l
www.google.com/ads/measurement/ Frame 7775 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb9x9rLpyjJh3XICid7uisTtmuX17m726KzEb2B8Sqs9Ws0ER7f_9EpdVtT65zvriUb7sL_7GnwdwhHcBoSwEuthBNBA
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
8383865552841489365
tpc.googlesyndication.com/simgad/ Frame 7775 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8383865552841489365
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 03:14:42 GMT
x-content-type-options
nosniff
age
131449
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12393
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 16:18:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Nov 2021 03:14:42 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0A21 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A21 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0243c79d4974511cb730b6d44359ca9f420f3b29ead1af1c3b2a1647b106a923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6427
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7775 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhsYFTSOpci9TlFk8J4YcHPhT_s0X94bBx95eI1OGsDDVmHqRunP9Xz6cFLsHnTUzMGmrmpOGpVqSjegIJsCTLNJ975XOsJNLeMH_x8bo_WGmvn6LK1a-JvsTieWQXZzunV-Y6xux6W4ZrhR8OsiNhHxJu3YJZlRlivZVF6FxMbY1h3WI4Y9k0xB_aWHD3bHsnsPnPsRUQPlem-Hf7pp_ZNQ2GB7wyyc1YF-AH7kEZMOw7Wg5boy18q2s_RhqLypoVwkI0Dy0ksLC5TzJQdDqaqUijkX8vgFo&sig=Cg0ArKJSzMu-f0yUWa6mEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 7775 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
094e7f4e7dc1b95b75548870ede04533d3c337a76b9e3bcefb040e5c69e1b2c7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0A21 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 357D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3679
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame F4F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 02 Nov 2020 14:44:12 GMT
expires
Tue, 02 Nov 2021 14:44:12 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3679
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2131841799352984&correlator=3249050733043884&output=ldjh&impl=fifs&adsid=NT&eid=21068381%2C21067193%2C21067576&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201102&iu_parts=281191609%2Ccityspark_heartland&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=frstlk%3Dtrue%26amznbid%3D2%26amznp%3D2&cookie=ID%3Dfdbbdb8bdc15bd1c%3AT%3D1604331928%3AS%3DALNI_Mb6bsP-sb_J4B7Im-gLipYItacUpg&bc=31&abxe=1&lmt=1604331931&dt=1604331931495&dlt=1604331923234&idt=1533&frm=20&biw=1600&bih=1200&oid=3&adxs=1250&adys=4201&adks=3778494908&ucis=e&ifi=14&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwlfi.secondstreetapp.com%2FWhat-Are-You-Thankful-For-Photo-Contest%2Frounds%2F1%2Fgallery&dssz=71&icsg=2403532418318368&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=131401762.1604331925&ga_sid=1604331925&ga_hid=225910251&fws=4&ohw=300&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
93adccb56ecc591a33efcf800deae90fb4393c298ff921c2d54afe8162c89d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10897
x-xss-protection
0
google-lineitem-id
5346415577
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308894056
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9F4 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=1588492031118791&bg=!Dg2lDS3NAAU7ZAKtO1gDkVhI4_o8_gIAAACeUgAAABloAQcKAcT6oAIbeIuTISKC2WD7REGuUbGKM09AtC9kARcW9E5Dee1aCH81H2lJga-E4iWppQeXZgzknOU_SlfdjdL9uXDJFdrmfXHI6SL6ojtUmUGVGAbRB_DS4VvOogcUElAXGVLIQfLPkwQQDdr0WAM1WHYFrIetqxj88jpYihpCuxNMKRSmc3hroBMrhyCrnTEFqUDnCDw9lb4ezn6-GroC3jM6QReLIE9pSmLiYQZMPTYLU8Tkky6noM7SGXIDC0n83nGHuWsmobbeZ2tn9aE0Vo_dLBc0Q-TEjD8RpwgzYMGckReCm_xTGQ91-wrmMBihv3IN27yA2KEIcMjbWqOu4ujKw1pzXHEhsdNv011_qw-pZKk00XGq0YwaKBYUc175ceYTsga_y2pgtYk7BFpYhOHJ3Kl4A0P1Eg1bII_cNCYoYSrDszymxMb86dIV4UmACX25wH_drTA3DOmPDpqQmjHfcGEjSBooycVIOEkM47CKmz0QfOFOHxcxbEo6zcaFGqIIwpOV3IAX4nsTaWShh_ylP5AblR6cenfV_kMb0lxu6nWAVW3ZCbAtyAQZqKTy1-zbL_6qkU2HVOwdqLroeCe4TgbSkJkB31URv9pnY9_1VmIGbK7MSrK94qOJpn1rA86S2VU7H8bydStUU401IFUYd4fS0oCTOUiwpLlVG3BAxdLdGGguXS-P5gk51q5Mfx_K-P_jlj5N7VWFoa5HlwcKirDyEcmp3Yt0LwyHjadF7zfePWixqosjxVABqjk0_p2_pwKxd9Vh1nrJdbe-L785GIXUdFs0T72LjDAWltthVvKDZhkbuzIZ9KzPs_QL1T_B85ch0TjOWOPn8w-Dk5OouXgPdqnjKTKUxvwtLR9XDdW0OwGyN7PK7yq0apbEkR2S3rFKRVRW6mhphfUz4RDLD4ssJAGpzRDdJ_J6KHLTf9uhd9IYUYu0ItepXBS1xmiAbMgWMsOJauyNHB9RhjNuk7BtaRaJWfwVAQA1R2RQXLDwkR1sm0av4PqSs-3CH3al4k5Ga5fTLigphf21n0-RNn-IjUZPcrqgY1rZDk2wVjU8vvhnWR4z6NanGHE_-70pqn26afAPHI94Z9ZcSZmHWwaNMl44xp96A6tTaY1EMpjBjHk1mNude7w_igeJORNwoy4vbE095JvHm4mL5t5Uav7Znqe5jkp3oON783hj2YxdWzUGSf8dXIEijiJLE6r59FnEWCujjkhxoqv1AdxVMGna5rjo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A21 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=226454662752638&bg=!EhGlETHNAAU7ZAKtO1iSqmIBveubwAIAAACgUgAAACFoAQcKAXtir7qds-4IIIFTRjjcjk5b1nH1OREaaB_pY4qZ5ETyTws1APIVEuGFvbUzgvcPmQgIz1KHAU-b7ewXQp0ukqBGDx3d64lIDjj00bJBdVcFaiOfgTCAQFTrckQn693DKDS6AF3mtT4kHs9O-HKm-oGBxBtFgRIOw1TY703liur0a6HeHNw-it5G8c1DGuBtWUlhGgGFrZdM7iNNh5jNpiuGlvymBJvZdt-LVlhlUYHRnjps7JDaAgZrwTHrU6IpFrC5bRJh1dMsmIhlrMNabiwLKoEr6OHkU-6ohr8EAY_D3ZXnjh9v09Wion9u30HaEjCFDVvmvtZteIxsTrEAO52p9agHgCBaSZSjrkYuIkOjvLwGb0PXTe-B6QGDgnoiC_tzCDhCOwO81CFp2kVoFlNFpWmRzOSyhhHZJ1aYxG_H_WK5Y3cC5yW9ZTMvWPuTJVyyXb9IXFcahiHpE72sIVls-zTaOOAhx8bHJmQ1PMzllqEj2Di_fHrAm2n3mQHfTPvyfx7N6iWVTABixWZmClEtdIFTv0MoBDXFDIhjtPG1MDLoOwEeGaNcsLyID0tcYYiUzGFwuO_1Ih4fxpgiLKN_36D4hUXa7geHebkOeUfF5KJ5BesX6E4XaHNb-M1aXfOMpBfv4ujqImREf6pHPsd7xFVpOT_21Xntw3FbhbV8rGh_leElqfzSrI9sC6yzt7ynq9cVCJkfJQgTgyFQGi6ahJMdefqCzoYXZSao2mds4cp4Cu6_3ysl4vTu8IcEKUvJwLzZrnjxvwZ87iIkki0LdDEgIjjgVDT49SpbuBVFivOoSp-p60mRhtPFVKIg0BcawZ7YMiE-Kz0-jT0n9PrvQZRq_A1DWreeg8r6OhXGrNoWzqt8uSLue_ATU4xThF8qR4BUl3Q0bGk8iIJ9giicWBxLw8W0NY94aBQ-pHs9LP6vU8zeYvpB9T6gPg8SFKO3EwdxQFqEEade_Ijp01apZA4d1ih5JhqyHtHQ-Ti9PMFgnV0lNCGiruajSZTBhjNL5R7iNSI0l2x2tmOlLn0lAl4g6UHu3fXsz5CO3yRLk2p86G15diuoaT3HsZrsS5xEFtrdeoxpc-t8GZvI-szL-IMQZR6zobIBalLtHeYV-NVskyTkbuFEYpNLayU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A10D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_WPSmfpbCcnlJgZh62zmhm9CmfazOaKXwmfBu3ubyNHxlfyCdxwYt4ihVXgzmDx-wdd8FNmYVpiOHxhNRsYTBdabUXB02b2rJlS_LzeZQ2tHdYUzo-tyTAmpHHh3bbN1yW4XBzGMUPoR6q9AEnLmXA2yqef48nXrpU4Eqi5jGn4ME3nBkYJIQCtLVq9m7UL1wnaEEfOv3-Yr3k2sJgC57OmYAEzY9VfcgGeviPj3h6qPSnrGuPMCR6XKV-vQ8-kySAOeQgH7UbBG-Tm5JlPuo0csuRt4&sig=Cg0ArKJSzDBBGbx-N-guEAE&adurl=
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/ Frame A10D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/abg_lite_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7216
x-xss-protection
0
server
cafe
etag
9928567655033844918
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:56:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/ Frame A10D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201029/r20110914/client/window_focus_fy2019.js
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 01:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:32:09 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame A10D 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604057784510231"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28759
x-xss-protection
0
expires
Mon, 02 Nov 2020 15:45:31 GMT
l
www.google.com/ads/measurement/ Frame A10D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9q5n-C_WWUUWSD76noWu4CqBeXAdWsZbSih0ZUEzxd_xUJV9e4oLTlCzW3HwAOhDFoYNk3npbWLwfz2XbijfsZ7_T8Q
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
14600285525930961583
tpc.googlesyndication.com/simgad/ Frame A10D 		927 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14600285525930961583
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
553e52f9338aefdc47bbb0cd43415aa04843c6b76b7f99557d6353926ba1add8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 12:11:12 GMT
x-content-type-options
nosniff
age
272059
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
927
x-xss-protection
0
last-modified
Thu, 09 Apr 2020 17:00:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Oct 2021 12:11:12 GMT
truncated
/ Frame A10D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f213c72e8c19679a28a78a994eb28d1271e4ce2c7c12b4ec685d983708dfc67

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A10D 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZAqyxAMdsOvIE3fDUmZnAqL1P5sdZdDq1ID1iH7ox439UwObk69E1m6fwrzTgMw5qvDIeADgfAYF_9jZsQtm_oc8InfF8NZW6aGB4mBMfhgokgkz6IK9rvG6kIIjC_NbMzwQorhPy8fjnfzxrEqDYyWMDqx-pR7Tv-d6LO68B995wv3MFKjxORalQp7dUYruIJj6KGQVLVs8h1_vxjdmibZqHT3XIJvpvYijx-SFS685n0FD9z1-t6kUDuPXtfBnyheGF8XOfdjsYxK2Mjzag70qGcyePsQ&sig=Cg0ArKJSzGiB_5leffW0EAE&adurl=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 Nov 2020 15:45:31 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A2F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.51 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-51.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=2439992024379757519
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 02 Nov 2021 15:45:33 GMT
Date
Mon, 02 Nov 2020 15:45:33 GMT
Connection
keep-alive
Cookie set uc.html
sync.go.sonobi.com/ Frame 573D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4bd1642a73
Requested by
Host: d3gpkdwom7cn1q.cloudfront.net
URL: https://d3gpkdwom7cn1q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__uis=4363e4bc-58ea-4969-9732-2d9ca295294e; _usd_wlfi.secondstreetapp.com=a9c1a3f6-d201-4fec-a3ec-96d98366ec1e; HAPLB5A=s568|X6Apn; HAPLB5S=s57129|X6Apn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery

Response headers

Date
Mon, 02 Nov 2020 15:45:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Set-Cookie
__uqc=1; expires=Mon, 02 Nov 2020 17:45:33 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=4363e4bc-58ea-4969-9732-2d9ca295294e; expires=Wed, 02 Dec 2020 15:45:33 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s57129|X6Apo; path=/; domain=.go.sonobi.com; SameSite=None; secure
Content-Encoding
gzip
Server
sonobi-go
sync
pixel.advertising.com/ups/56465/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:33 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
aol-match.dotomi.com/match/bounce/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A6f5cc5d8-1d22-11eb-ade5-123ff9725662&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 02 Nov 2020 15:45:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70
sync
pixel.advertising.com/ups/55965/
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=FPds6BOoNLwMpj25FqIg6RGjabkMpzjrQKk2AUHQ
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=FPds6BOoNLwMpj25FqIg6RGjabkMpzjrQKk2AUHQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:33 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:33 GMT
status
302
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=FPds6BOoNLwMpj25FqIg6RGjabkMpzjrQKk2AUHQ
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
c1.adform.net/serving/cookie/match/ 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=1&gdpr_consent=&curl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d1%26gdpr_consent%3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/rounds/1/gallery
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:33 GMT
server
nginx
status
403
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
rid
match.adsrvr.org/track/ Frame C9F4 		109 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3b655c06bf8329b7440129001594be5fdacc808ac68e4c94d77a471ff71d0d5b

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 02 Dec 2020 15:45:36 GMT
369.json
id5-sync.com/g/v1/ Frame C9F4 		190 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v1/369.json?1puid=&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.39.66.15 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1c1ed221921ac2d457b73650a8c956340d094c2abcbec440a25246fcd38f9ad8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:35 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
text/json;charset=utf-8
Transfer-Encoding
chunked
envelope
api.rlcdn.com/api/identity/ Frame C9F4 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
status
451
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
usync.html
eus.rubiconproject.com/ Frame 1C25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Nov 2020 15:45:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 15DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:123:877]
Cache-Control
public, max-age=80702
Expires
Tue, 03 Nov 2020 14:10:38 GMT
Date
Mon, 02 Nov 2020 15:45:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 8458 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=avHmsEZx0r6ikSaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=avHmsEZx0r6ikSaKkGJozW&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
204
x-33x-status
2020008
server
33XP005
date
Mon, 02 Nov 2020 15:45:35 GMT
pd
eu-u.openx.net/w/1.0/ Frame 8E3E
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0189f86b-11f7-086e-04a3-cf6e53e928fd|1604331936
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=0189f86b-11f7-086e-04a3-cf6e53e928fd|1604331936; Version=1; Expires=Tue, 02-Nov-2021 15:45:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1604331936|gekin0vNiygu; Version=1; Expires=Tue, 17-Nov-2020 15:45:36 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.197.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Nov 2020 15:45:36 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=0189f86b-11f7-086e-04a3-cf6e53e928fd|1604331936; Version=1; Expires=Tue, 02-Nov-2021 15:45:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.197.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
date
Mon, 02 Nov 2020 15:45:36 GMT
content-length
0
via
1.1 google
alt-svc
clear
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 45E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:36 GMT
content-type
text/html
set-cookie
__cfduid=dbabb3ea5d32fef966172e0a57f7f64f11604331936; expires=Wed, 02-Dec-20 15:45:36 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Thu, 05 Dec 2019 04:33:41 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2142
cf-request-id
062b3bb14000001f21282ee000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6hbJg3Od2DWbxRIS7m9WwqdsqUjQkQFk9AF7SAk5%2Bz%2BqxzMpb%2FdThdV7EhEft0l4w4ro6IhyQYoRbLONSDASHa%2FghCdehTiRBPFoe2R872%2BTRYHg4wse0hdqvE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
5ebefbc869181f21-FRA
content-encoding
br
index.html
cdn.districtm.io/ids/ Frame B9A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:36 GMT
set-cookie
__cfduid=d6d1125d0ac9047591cdc9665ab0ae4251604331936; expires=Wed, 02-Dec-20 15:45:36 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
062b3bb1420000cc4a2d02a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5ebefbc86b1ccc4a-ZRH
Cookie set uc.html
sync.go.sonobi.com/ Frame 1585 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=e315a43aa9
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Date
Mon, 02 Nov 2020 15:45:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Set-Cookie
__uqc=1; expires=Mon, 02 Nov 2020 17:45:35 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=6100ed24-09f1-4416-941c-a3918c762cbe; expires=Wed, 02 Dec 2020 15:45:35 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s579|X6Apo; path=/; domain=.go.sonobi.com; SameSite=None; secure
Content-Encoding
gzip
Server
sonobi-go
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 686D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.51 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-51.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 02 Nov 2021 15:45:36 GMT
Date
Mon, 02 Nov 2020 15:45:36 GMT
Connection
keep-alive
Cookie set check.html
biddr.brealtime.com/ Frame 259A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Date
Mon, 02 Nov 2020 15:45:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbca48d8bcb826267622daa04ba5451431604331936; expires=Wed, 02-Dec-20 15:45:36 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
ji6wmyCS3VqQvAEXPZKCtjrAe13DZy/Fu45NOCyOirb0iehyxT0uS3Ql9omEp8O8zjqnrFZ0NoE=
x-amz-request-id
466D708BA66EC416
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4904
Expires
Mon, 02 Nov 2020 15:46:36 GMT
Cache-Control
public, max-age=60
cf-request-id
062b3bb1c400002373da93e000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5ebefbc9384d2373-ZRH
Content-Encoding
gzip
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://ssc-cms.33across.com/ps/%3Fm%3Dxch%26amp%253Brt%3Dhtml%26amp%253Bru%3Ddeb%26amp%253Bid%3DavHmsEZx0r6ikSaKkGJozW%26amp%253Bgdpr_consent%3Dundefined%26amp%253Bus_privacy%3Dundefined&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://cdn.aralego.net/ucfad/cookie/sync.html%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://cdn.districtm.io/ids/index.html%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame BBEF 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=4b76e3cf-9196-44dd-ad61-56402577e823&url=https://biddr.brealtime.com/check.html%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
rid
match.adsrvr.org/track/ Frame 0A21 		108 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3f88f33e3bbd578a4073453dcc247223cad3baf5c47b24da5fbb1ce34cfca6a2

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wlfi.secondstreetapp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 02 Dec 2020 15:45:36 GMT
369.json
id5-sync.com/g/v1/ Frame 0A21 		189 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v1/369.json?1puid=&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.39.66.15 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
345b33df1f8b8353161a23452d82d3ebcbf4ac677769b8ea9d36bf9ab34e093f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 Nov 2020 15:45:36 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://wlfi.secondstreetapp.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
text/json;charset=utf-8
Transfer-Encoding
chunked
envelope
api.rlcdn.com/api/identity/ Frame 0A21 		0
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
status
451
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://wlfi.secondstreetapp.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
usersync.html
ad-cdn.technoratimedia.com/html/ Frame B6F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.44.7
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9B) /
Resource Hash

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_2.44.7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
263
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Mon, 02 Nov 2020 15:45:36 GMT
etag
"3fc5-5aee1960f1a00"
expires
Mon, 02 Nov 2020 16:00:36 GMT
last-modified
Wed, 09 Sep 2020 13:39:52 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C9B)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
284451165
content-length
5244
sync.html
cdn.aralego.net/ucfad/cookie/ Frame EEF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:36 GMT
content-type
text/html
set-cookie
__cfduid=dbabb3ea5d32fef966172e0a57f7f64f11604331936; expires=Wed, 02-Dec-20 15:45:36 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Thu, 05 Dec 2019 04:33:41 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2142
cf-request-id
062b3bb35e00001f210f9f5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Egks4gPcZT%2FsWNpZBKvYITzpGvcX7SdqXND%2Fm5U6olj2i7DVBB7NCouitJGTQ03amPE6%2FlrvgaWrnscAcWedwiqB8Qvp6ARPE%2FkHUXbTc7dmQata4Tj3aqBxnJs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
5ebefbcbc9a11f21-FRA
content-encoding
br
usync.html
eus.rubiconproject.com/ Frame A2EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KH0PT8SC-17-L58; audit=1|JBqfME1nOYIfEM2CbopZrp8JzcPy+kwEkNOatO2NebRzGKu6Ep0Wnr+hXVdh5uI/fqrAaZkYkwYiZ07GJqnMno4BjqNRGrmz; pux=1512%3D95008%262249%3D95008%262974%3D95008%263778%3D95008%26brx%3D95008%262249-DV360-Hosted%3D95008%26goog%3D95008%26idl%3D95008%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Nov 2020 15:45:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 3E76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.197.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0189f86b-11f7-086e-04a3-cf6e53e928fd|1604331936; pd=v2|1604331936|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=0189f86b-11f7-086e-04a3-cf6e53e928fd|1604331936; Version=1; Expires=Tue, 02-Nov-2021 15:45:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1604331936|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Tue, 17-Nov-2020 15:45:36 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.197.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Nov 2020 15:45:36 GMT
content-type
text/html
content-length
317
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame CEC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=95054:2; KADUSERCOOKIE=30F9878D-BA8C-40A1-AB22-798CA7C00ED7; chkChromeAb67Sec=1; DPSync3=1604361600%3A174%7C1605484800%3A197_219_201; SyncRTB3=1605484800%3A220_21_13_56_54_161
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:123:877]
Cache-Control
public, max-age=80702
Expires
Tue, 03 Nov 2020 14:10:38 GMT
Date
Mon, 02 Nov 2020 15:45:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 41AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=e315a43aa9
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__uqc=1; __uis=6100ed24-09f1-4416-941c-a3918c762cbe; HAPLB5S=s579|X6Apo; __uin_eb=CAESEDjO8Bul6SJId429irwKDNU||1; __uin_zt=1582804170318341232; __uir_mm=1; __uin_mm=6c135fa0-29a0-4300-b0cc-e5f414a2703c; __uir_td=1; __uin_td=36646194-f6d2-4024-bfda-9af21d3ec9be; __uir_bw=1; __uin_bw=2d578f1d-3b55-49a5-a3de-a600fae4ac9b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Date
Mon, 02 Nov 2020 15:45:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Set-Cookie
__uqc=2; expires=Mon, 02 Nov 2020 17:45:36 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=6100ed24-09f1-4416-941c-a3918c762cbe; expires=Wed, 02 Dec 2020 15:45:36 GMT; domain=.go.sonobi.com; secure; SameSite=None
Content-Encoding
gzip
Server
sonobi-go
/
ssc-cms.33across.com/ps/ Frame 61FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=afHfg4Zx0r6kLoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=afHfg4Zx0r6kLoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
204
x-33x-status
2020008
server
33XP005
date
Mon, 02 Nov 2020 15:45:35 GMT
index.html
cdn.districtm.io/ids/ Frame CABB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

status
204
date
Mon, 02 Nov 2020 15:45:36 GMT
set-cookie
__cfduid=d6d1125d0ac9047591cdc9665ab0ae4251604331936; expires=Wed, 02-Dec-20 15:45:36 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
062b3bb3cf0000cc4a2d04a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5ebefbcc783ecc4a-ZRH
Cookie set check.html
biddr.brealtime.com/ Frame A61A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Date
Mon, 02 Nov 2020 15:45:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbca48d8bcb826267622daa04ba5451431604331936; expires=Wed, 02-Dec-20 15:45:36 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
ji6wmyCS3VqQvAEXPZKCtjrAe13DZy/Fu45NOCyOirb0iehyxT0uS3Ql9omEp8O8zjqnrFZ0NoE=
x-amz-request-id
466D708BA66EC416
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4904
Expires
Mon, 02 Nov 2020 15:46:36 GMT
Cache-Control
public, max-age=60
cf-request-id
062b3bb3ce00002373eda77000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5ebefbcc7d022373-ZRH
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame EBE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: wlfi.secondstreetapp.com
URL: https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.51 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-51.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 02 Nov 2021 15:45:36 GMT
Date
Mon, 02 Nov 2020 15:45:36 GMT
Connection
keep-alive
match
euc-ice.360yield.com/ Frame 0A21
Redirect Chain
  • https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fdsp_callback%3D0%26external_user_id%3D%24UID%26publisher_dsp_id%3D40
  • https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=2951839626017119774&publisher_dsp_id=40
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=2951839626017119774&publisher_dsp_id=40
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.13.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:37 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma
no-cache
Date
Mon, 02 Nov 2020 15:45:36 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
7d69f975-8d0c-4a0d-a5a7-d4ef4d4c8fe6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=2951839626017119774&publisher_dsp_id=40
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
euc-ice.360yield.com/ Frame 0A21
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=ab70cc28-154f-4a92-82e5-4d2f246c3566&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://euc-ice....
  • https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1605541536&external_user_id=3446002491012008483
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1605541536&external_user_id=3446002491012008483
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.13.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:37 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 02 Nov 2020 15:45:36 GMT
server
nginx
status
302
location
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1605541536&external_user_id=3446002491012008483
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
match
ad.360yield.com/ul_cb/ Frame 0A21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=YWI3MGNjMjgtMTU0Zi00YTkyLTgyZTUtNGQyZjI0NmMzNTY2&dsp_callback=0
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEDtAnWMGvVx2YOa0FK_Foyg&google_cver=1
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEDtAnWMGvVx2YOa0FK_Foyg&google_cver=1
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEDtAnWMGvVx2YOa0FK_Foyg&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 02 Nov 2020 15:45:36 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 02 Nov 2020 15:45:36 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEDtAnWMGvVx2YOa0FK_Foyg&google_cver=1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://ad-cdn.technoratimedia.com/html/usersync.html%3Fsrc%3Dprebid_prebid_2.44.7&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://cdn.aralego.net/ucfad/cookie/sync.html%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://ssc-cms.33across.com/ps/%3Fm%3Dxch%26amp%253Brt%3Dhtml%26amp%253Bru%3Ddeb%26amp%253Bid%3DafHfg4Zx0r6kLoaKlId8sQ%26amp%253Bgdpr_consent%3Dundefined%26amp%253Bus_privacy%3Dundefined&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://cdn.districtm.io/ids/index.html%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
log.gif
includemodal.com/static/ Frame 6821 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=76d061ae-eab3-4282-9743-fe339038f076&url=https://biddr.brealtime.com/check.html%3F&o=https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.201.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 15:45:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5d8cff1b-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
cdn.vuukle.com
URL
https://cdn.vuukle.com/ads/wlfi.secondstreetapp.com.json

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| Modernizr function| gtag object| dataLayer object| googletag function| resizeText object| google_tag_manager function| SmartBanner object| ggeac object| google_js_reporting_queue function| cnxps string| js object| bb number| _ti string| _q boolean| na boolean| ns object| _qDate string| _r function| setonclicks function| newonld function| bye function| pc function| getdomain boolean| dosetup boolean| hasonload undefined| setupalready object| gptAdSlots undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| FB object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| janrainCaptureWidgetOnLoad function| Tether object| bootstrap function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| _sf_async_config object| addthis_config object| addthis_share object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| cswidgetoverR boolean| __@@##MUH function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Traqli object| _4140ee5b-16a6-45d9-bc00-b11220f76651 object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| bouncex function| reload_campaigns function| setBounceCookie function| getBounceCookie function| getBounceVisitCookie function| setBounceVisitCookie function| clearBounceCookie string| bcx_vars object| csWidget string| gaName object| gAservice function| csWGa string| ahm_cs_gtm boolean| ahm_cs_loaded object| _21bc8503-7806-41da-b650-37b6eedc566f function| postscribe object| google_reactive_ads_global_state object| ahm_config object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner function| ahmpbChunk object| ahmpb object| __core-js_shared__ function| JSEncrypt number| x object| ahm_adParent object| ahm_friendDiv object| pubgroup_config object| apstag object| _clrm boolean| apstagLOADED object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| confiant object| google_image_requests

17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkMnELZsfipk0Bbv_pQyu2a0ID7NiNenui-7mO3H8b6X6RvF9MOgA3Js3uA
wlfi.secondstreetapp.com/ Name: visitorCity
Value:
wlfi.secondstreetapp.com/ Name: visitorGeo
Value: DE
.addthis.com/ Name: uvc
Value: 1%7C45
wlfi.secondstreetapp.com/ Name: vsid
Value: da8b1978-7602-4278-af47-8e5759148fc7
wlfi.secondstreetapp.com/ Name: uid-s
Value: 95ade7f-6032-491a-9aa3-60643e51e57b
wlfi.secondstreetapp.com/ Name: InstiSession
Value: eyJpZCI6IjgyNDQyMmQ3LThjMzctNGU1Yy05YzBkLWZkZTcwNjJhMWU4OSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
wlfi.secondstreetapp.com/ Name: _gid
Value: GA1.1.2131818986.1604331925
wlfi.secondstreetapp.com/ Name: _ga
Value: GA1.1.131401762.1604331925
.addthis.com/ Name: loc
Value: MDAwMDBFVUNIVkQyMjY2MTg2NjAwMDAwMDBDSA==
.secondstreetapp.com/ Name: _gat_gtag_UA_54612925_17
Value: 1
wlfi.secondstreetapp.com/ Name: __atuvs
Value: 5fa02995fe0b46f3000
.secondstreetapp.com/ Name: _gid
Value: GA1.2.2131818986.1604331925
.secondstreetapp.com/ Name: _ga
Value: GA1.2.131401762.1604331925
.secondstreetapp.com/ Name: __gads
Value: ID=fdbbdb8bdc15bd1c-22a9311f62a6001b:T=1604331928:RT=1604331928:S=ALNI_MYxbHRsVvIR8912qFC725fgMgTTig
wlfi.secondstreetapp.com/ Name: __atuvc
Value: 1%7C45
wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest Name: cc
Value: t

38 Console Messages

Source Level URL
Text
console-api log URL: https://www.wlfi.com/includes/jquery.cycle2.js(Line 6)
Message:
[cycle2] --c2 init--
console-api log URL: https://www.wlfi.com/includes/jquery.cycle2.js(Line 6)
Message:
[cycle2] slides: > .wxRotate (string)
console-api log URL: https://www.wlfi.com/includes/jquery.cycle2.js(Line 6)
Message:
[cycle2] timeout: 4000 (number)
console-api log URL: https://www.wlfi.com/includes/jquery.cycle2.js(Line 6)
Message:
[cycle2] loader: wait (string)
console-api log URL: https://www.wlfi.com/includes/jquery.cycle2.js(Line 6)
Message:
[cycle2] fx: fade (string)
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.includemodal.com/pw.js(Line 2)
Message:
Scanner Online
console-api log (Line 17)
Message:
queued
console-api warning (Line 1)
Message:
NO prebid responses1
console-api warning (Line 1)
Message:
NO prebid responses1
console-api warning (Line 1)
Message:
NO prebid responses1
console-api warning (Line 1)
Message:
NO prebid responses1
console-api log (Line 9)
Message:
loaded
console-api log URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://cdn.vuukle.com/platform.js(Line 7)
Message:
[VUUKLE] Widgets of id '' are generated!
console-api log URL: https://cdn.vuukle.com/platform.js(Line 7)
Message:
%c[VUUKLE] platform.js version: 3.7.11. Need help? Reach us at support[at]vuukle[dot]com color:#039BE5;
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 162)
Message:
dom ready!
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 451)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 297)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 407)
Message:
Send pageview now
console-api log URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2)
Message:
Scanner Online
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 162)
Message:
dom ready!
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 451)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 297)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 417)
Message:
pageview have been sent or scheduled
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 412)
Message:
formatedPageview: {"timestamp":"2020-11-02T15:45:28.626Z","user_data":{"session_details":{"id":"824422d7-8c37-4e5c-9c0d-fde7062a1e89","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"136953cb-88f9-48b3-9417-8f28d8a3cf54","page_url":"https://wlfi.secondstreetapp.com/What-Are-You-Thankful-For-Photo-Contest/","hostname":"wlfi.secondstreetapp.com"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"AD_ONLY","integration_type":"DFP_WITHOUT_SAFEFRAME","ads":["div-insticator-ad-4","div-insticator-ad-5"],"embed":[],"header_code_version":"STANDARD-VAdX_3_9_J-2020-10-16 04:56:48","test_group":"0"}}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2766b4e2b6209a87c1841096e1cc5929.safeframe.googlesyndication.com
27e2d1736a524d61c731d4ae6c21010d.safeframe.googlesyndication.com
2c3609b93ee8564ee4156cab298d9767.safeframe.googlesyndication.com
33de228d3a216ea755fdb45ca794c38c.safeframe.googlesyndication.com
9ac2e1dc39f8560e444ae96f2f713ed1.safeframe.googlesyndication.com
a.sportradarserving.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ads.pubmatic.com
ads3.mthsense.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aol-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
api.bounceexchange.com
api.rlcdn.com
api.secondstreetapp.com
api.traq.li
as-sec.casalemedia.com
assets.bounceexchange.com
b2c.insticator.com
b4f9529961575f62d8c7bebe0f3c675c.safeframe.googlesyndication.com
biddr.brealtime.com
bidswitch-eu.splicky.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cd.connatix.com
cdn.aralego.net
cdn.cityspark.com
cdn.districtm.io
cdn.includemodal.com
cdn.vuukle.com
cdnjs.cloudflare.com
cds.connatix.com
citysparkstorage.blob.core.windows.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
cs.emxdgt.com
csp.azureedge.net
d2na2p72vtqyok.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3gpkdwom7cn1q.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dmx.districtm.io
embed-740867.secondstreetapp.com
embed.secondstreetapp.com
eu-u.openx.net
euc-ice.360yield.com
eus.rubiconproject.com
event.insticator.com
fastlane.rubiconproject.com
fd1d0cb43d187d59576de866b0863a79.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
ftp2.wlfi.com
g2.gumgum.com
geoip.insticator.com
get.geojs.io
googleads.g.doubleclick.net
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
heartbeat.heartlandtv.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id5-sync.com
includemodal.com
insticator-d.openx.net
jadserve.postrelease.com
m.addthis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
media.heartlandtv.com
media.secondstreetapp.com
os4m-d.openx.net
p.cityspark.com
pa.rxthdr.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
prebid.technoratimedia.com
publish.vuukle.com
s.clickability.com
s.ntv.io
s3.us-east-2.amazonaws.com
s7.addthis.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
static.chartbeat.com
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
tag.1rx.io
tag.bounceexchange.com
tpc.googlesyndication.com
track.adform.net
us-u.openx.net
v1.addthisedge.com
video-static-01.clipsyndicate.com
wlfi.secondstreetapp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
www.wlfi.com
x.bidswitch.net
x.yieldlift.com
z.moatads.com
cdn.vuukle.com
s7.addthis.com
104.111.215.135
104.111.215.236
104.111.215.51
104.111.215.68
104.111.216.96
104.111.230.142
104.16.68.69
104.17.119.107
13.226.156.26
13.88.145.64
130.211.10.17
151.101.113.194
151.101.114.137
151.101.194.133
152.195.34.73
152.199.22.191
162.210.196.208
172.217.21.226
178.162.133.149
178.162.133.150
18.194.183.62
18.195.155.181
18.196.104.43
18.197.99.6
184.30.222.233
185.33.221.15
185.64.189.112
193.122.174.27
199.19.89.14
199.19.89.15
199.19.89.19
2.21.36.164
2001:4de0:ac19::1:b:2a
208.100.17.178
209.59.156.234
213.19.147.150
213.19.147.210
216.52.2.48
216.58.212.162
23.8.5.15
2600:9000:2070:4400:10:3422:3f00:21
2600:9000:2070:6000:18:1fcd:34e:d2a1
2600:9000:2182:3000:1a:5302:20c0:21
2600:9000:2182:3400:1c:386f:ec80:21
2600:9000:2182:5200:11:193f:ab80:21
2600:9000:2182:8000:d:77c3:2dc0:21
2600:9000:2182:e400:5:ee0e:9e80:21
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:190b
2606:4700:10::6816:3da8
2606:4700:20::681a:467
2606:4700:20::ac43:46e9
2606:4700::6810:125e
2606:4700:e2::ac40:8426
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:815::2003
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81c::2010
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::200a
2a00:1450:400c:c01::9d
2a02:26f0:1700:d::1737:6ea4
2a02:fa8:8806:13::1430
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.79.35
3.127.95.92
3.16.201.133
3.215.93.225
34.120.207.148
34.120.253.250
34.193.167.244
34.230.171.184
34.95.69.49
34.98.72.95
35.227.229.34
35.244.159.8
37.157.2.238
37.157.6.246
40.84.148.247
5.39.66.15
50.28.54.68
52.160.40.218
52.204.18.53
52.219.105.81
52.222.182.122
52.29.14.143
52.30.187.36
52.59.13.226
52.73.105.22
54.77.116.112
67.202.110.21
69.16.175.10
69.173.144.143
69.173.144.165
88.99.98.223
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1
011cbab5cc3b0e3b55df7de88cebda23d4e71cd6114154f6e38ef4aad6a0c979
0136547f46700914f3b9a051aa2c7cee3a3fc0ad045da6ed24226d0ed111f86b
0243c79d4974511cb730b6d44359ca9f420f3b29ead1af1c3b2a1647b106a923
0246dadc540e4f6c0123e63c93e85a46363c18a2476806331d41ac20df8c7799
02a419af669ac11c928c3ffa8e87fe9d2fd411dd6d42b6d7ceafaf121fecd5b6
03a73be0339cd9e157576194cdcaf5d39feb3ca843d3a1fb88743fb3dfe14b53
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055804e6e4c1d65f467b57b49f01b0b6d8796c02b5102ee6833c3c588d57690e
05ef3b2f54125cbf30c732537cff4b3f7d839f082d7cff06672e01625b840b95
064f40eb034d7b2375d3fae56ff781752b05179f8fde9abb5be6f90d9ea1dcca
06857daa37923590ac5f66a3af9f75fd1ce23de89520602eeb17c34e7b0295c1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07beef35e9bf20b1aeddce63ffc7d95eb58dbd6c27d9832f31178e79ecab3855
094e7f4e7dc1b95b75548870ede04533d3c337a76b9e3bcefb040e5c69e1b2c7
0999a7c80d428aca7048c17797e42ce94804645b674c923e242bce46eacff4b7
0aa4e66f2abe3d5d790dfe483c53bf8ff2fab13d8b35598c189db8c728ccca09
0b4aaefb456e6026470a1c4fbfd88c75b5f94f69bc6abe607772080f2991fea6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d072b4dcb2d055934c09956b3c93ec340f2ea05dd13f96ba9ed5f0f333f2b74
0f0fe5fc92b67f73749fabe7119f1674e9fcb82d6f5eda83f5bca5be336019c3
10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76
1227d872251976c05ef67c188eea8664a0594f235bd85135f683a69c97838aff
12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9
13575e4e85121b088ab9dbdca88b8e29ced12719214a228c9b3b09d544d0a18b
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
14a25c417bcf2315cb0802a430acd5ede7e41519db45e627e67076ae838a2302
160a73fe571a0e5c8e38d72b5f44165fe8bb4ffbdb4a5dd69fc25c3e5621d686
16f897844ba0eac70e8c266a38d132f5cf7d60d5dd0feedfa3be2be75ed56f31
1705fd91041d316572180ee7ec005a27045627cff93687d0299fc303662c8fab
17431afd408cc1d699edf44f76374f5fa3aaf98a26783dd1773300dc1081fb5a
19f0bba6b914e9f5e52076a2944122f1c7a6d0ec8cf02e1e2bf06eba6ff617ea
1c1ed221921ac2d457b73650a8c956340d094c2abcbec440a25246fcd38f9ad8
1f213c72e8c19679a28a78a994eb28d1271e4ce2c7c12b4ec685d983708dfc67
1f51bff057925a0cde7b57e5eae79e6496e062eaa8794888301e0edbb9e12609
206b4b240bcc3fe4e4c731079c866e976a88cfb2556bdff4d5e335f3a81c51dc
208a83f9f7f042b5cc8033b749807bc33bc75e066642a5a1cd7d77730cbc5085
20b2b1f8568946c07b704b2c3c9950063e1ddbbd327876d61cc568c2a2d78e36
22276979990b7a249e931c6182c10fe9c03b578bba7e8e3e8b056cb04785b065
22d6f4376ec07b325c6312510a83f85d2804b276161c3d8f12d2bea4cb9776db
24252790207b514e0113a4b57672ad39fa41985d24b93090ce447b653608eecc
2602c63d3930675fbf9ca4b3faeb9b6b89900abca7931aae7c40a0346962a3ac
2819a2473aaef92db2079e13cedbc18bad5e531986b9ec0fa91f83ebc19fa6aa
29af64d9e05831fb1f801067a405e16c68707b795e29c462190f8f2734f957c9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2c8bc13e0a228a2f00f0c27e4d2e1711b489924677e1d73cba8836fcd4e973db
2cb5de3827822b6fde534bf840e5aa508df38c5c501e69c01092922468a13c86
2da800ea4f2ad0f89b274b66d9eafb8d8303fa5341432e4b08d06e4ab8e09954
2e057b83d7b8c6a14b6daaa563f235b2ad3e246d0c96a4c11aac493263989d96
2fe10a9dd52bda66c5f1ae7e9e9c2c1bc6f426a0b9e5ebd8e55f808478ecaef1
2ff01f3649ed87a82ef88d8df3c6ec42eaf0b97a5b5ab42788142d0379bd7be1
301a39c9e737ac0ffa1fbf1d5e923ba64371a6c6e29389567c755872cd5b2e24
302f0fbc9d7907bf57c61dfb1a6cce18b65b7ef936e71d9177f278793e4b7872
328fc17affbc461fe665a471a86ea5095b639ce368941c6bab82ed0374338347
33c893499967d1700f048ec087dc1d5a236f01950327fdbd4dbb31ccb65e2a8d
345b33df1f8b8353161a23452d82d3ebcbf4ac677769b8ea9d36bf9ab34e093f
34c396e461b21cd4c3762a6df030d1f1d4e6ab8b9dbcf81eeab695d9b3305077
351f9ac07bfb806a51e36737397471c48c9602b763a301fdf1edc88aa6b64894
36ec64c3d76e5733b56f4bfefc2daad2747ae84dab8c6a956d9a6c3730a962db
37654d1992fbb1b437c1a6c6f3358ac88a5ff81a61c2b8cf5a1e29580132dd98
37a8e6356d0bc78cc0edf94148cd4fbcd79e4f7bf50634fe0829b75501d1ef26
399419ded7767fb642e1af81a330a4f9ea2066cf6fb95934bebbf7ff67d2ae19
3b655c06bf8329b7440129001594be5fdacc808ac68e4c94d77a471ff71d0d5b
3c7c1ac07d8f07cff11fe8c359fc922fe3fe349a30449df29561825355eb622b
3c8a1bdfef12a5a2ccdab3b63912bd50a56b881ccd77f43c071e46a08ee6a66a
3d9ccf39c14168986c8c08c9ebca94269c87cfb2db18bb8ca2fc6b85d9511335
3eafe4534724ee6aee2d1b6d101bf3b52ea57fedddfba3145206f439b83b17fc
3eca54cc0c840a5049990e6c0aaae2546d33bef6354567da122716f8fe916123
3f88f33e3bbd578a4073453dcc247223cad3baf5c47b24da5fbb1ce34cfca6a2
3fbc03589c67362e2ddf371d9c662e00de237054da21631a63abd00b7059affd
3fc6cc7436cb47f0a061254d2832b471dc981fc68708c47dd25964c0de85209e
405075821d150ecec62181a1e9afcb5943b14ebe6359a8c7e8264a3aa2f48b30
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
41e641db7b510f5b615800dae43d3068284e8583fa29730ab2c8ffbad6b22548
4289c03eb854c6141eb6bb10f799f70c59b1d2293472dbfeb42dff4aae635bfb
4382340b3f3475b73c0adb3c5a90e6205f32d8463dec5aa015416700c7ac041f
44e0485a95754ede655c8bc88b87542239c6e5033adfb11484f252b82b344afe
4632fcc3c63e5c9d8a8205be42e0ec3e280c13702c809e9ae41a9ab8d7777af5
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
499bb69e3e39e27ef98bc31e282596ef7ecfcd49dfc66884948669f456bc5a86
49ae5b9d102ac9f5294ccfdaf75c94a811f4ef2a07b43054d534145a8e655921
4ac8fc0bd7622be857cb1513f3fd5b95db60201bfa34abc1ac6e60d870b64497
4b4e433c6f2335a41dc9a0080c67da3ccdfa21748ea5895882523a77c86e2680
4ba502ecab0bd6b9bfdff438ee33ff556ef77484c3a6da888d264d25f082252a
4bd2338c35b68d4a56104720f04535a6f52d9f736acd22cac1929b37eae40b04
4ca8c9c5d7eb4a78ee4e080ad291634dcfdb846fd8dc4272cad1739c593898bb
4cd76d98842711c380e2596b86a2b9d50e464d144be1b51e50d853f7709dea5a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
532fade459fe9db4dbb81ab1e7004b53334598291ffd480bce74462c13deafbd
5365e5b6f9e5cbbd8ff54d76a9d04353ebd0099c11fe244436696aa6f6540f4d
545da1862a1b3834b6fc4c660d370dea40069e0589a9657d947b2f47b92961d8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54f4f897af74e5eb983935aa5f8a1f823c96fd3e75b3ca7ece12638175acd2bd
551dc22b3bd981993056e6522b3f83106fa055d4bc74a6d298d57a9829e15e3c
553e52f9338aefdc47bbb0cd43415aa04843c6b76b7f99557d6353926ba1add8
58363b3654deda1cbd5841388ec893e59ee19b0a08cb28da418774a67c201862
596408006d905b12d73a5f9cac306fde2f223d018c1a9f54be592d4450da44b1
5a6c0a77a5ec82e2e737a8a8dd60e769367ca0a7123e9ab8765f943134244889
5d35675857d639b5f1f042f5d75f8a7a24105eef8717ceea6d8c90aa5764756e
5dc55cd1bd7c526ff0a9fd04a5da7908ca51ab45c13259201f0efc2a259c5a5c
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb
605be087ed72659e91cb5cb8197edd6bb2c10240427dba6daf12f08bfa3e369d
60881a3afc37085b8b47e581d598a235a9ba7c0ac1b29a8738609a2aa74d48be
61d601b51a06176849c898349b57a289639b4645fad0207bdc74961d4f063a4d
63855c047c82fa05449bb089995d81f78fb66b8b4198c9fc47aa3785e3a06561
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66a36fe5ded06b82e75e7e0dbc9f872c72c731df98b9659ece19991c48d34d6e
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
685519629f8eb69891dfae63b0d52eeb58f5154f65de4f2cbaf1a66ca6163944
699d48fef1d89053889a4e69408fbd47aa17111e4f0fd00c16881ad2be49b4cd
69a115628257f5449c515b2d4fc3b8cd0fe24086ea4d54d9b3beffd12ceba586
69a3fb7862cbcafb6526e9f884fdbde568cb055f44a9daef422c9e29536b1731
69b6a51d31c263101f6afd1fb6fc0d7f79a9822c12bf9cf45a657e9ea70f90fe
6a4d32b09fa86684219ae77473efef2a64b5dabf2c59177a7f89b9549d209ea8
6ab8beb65b0cd93170d8b233df1ed4eeb5158957f2ef3e454e8eed342247f2b8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c972f1d21c8fe8e9c079da22e482193d7389b1ae00d4e3ab13f89e1b862c033
6dd569c8cbc3f88c653f9e57f45f78b0cac0e1c2752f4156d713b949779b83c2
6ecbf8ef5982068a28613af44ce4955a5d0b19e8c274cb1c39282edd4b9a2782
6f378842dbd709d741e2a2a3280b40886e69b928ad5d32cfb020c1eaf760083f
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
6f7d8df99f6cc28ca586c4015b0c708215e22e7fed58ee85f01fd238b36a6a9e
6ff7ea54afed1fb9a0a12b6d986f3590f017acfa079e33e9b7c7248f3abfdcb6
70a2d53e93236eed330e77444ade4148aa87d3218fa65058ec3916d5626b53b7
71a043c310faab4e07ce9ce21864a518f188129eb9969403c625479925e21009
722a06e3ff39c6f90616e76453d405bb5d7413d673c121f96548a06956685d47
7262428d1786b86c29b0ebf418c3e2ffd704be2c4bf08688f867258a78b5f73a
73a6694c7e8881a6d170dacb38c9f04e59993ee57817c659906b8a7f825bccb3
74271251c13d33cab987bfba5dab5e8fcfd7d3f7bd8cf19c1d46cd0682ea0b24
744ff524d1ce233b0d7f09c86d6ef081fd162cd6187c8cc9df59af32f26d6081
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7544590c78b18016ce9dce7cf0d82ed45284b304c1b9a61d9128916deb82e8ba
763963b0b2bdc41bada0a46a0117897e78fabe314a72c7924e2c4b9cd96d9915
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c8080d7011cf149677cb9cfca3684025490629237e1e465aeb0312b76adcb65
7d43c3406e58ebfbb2992f4993d5948d5ea2c9adf4433a763ca424b52d77cd9e
7da2b7a601d58209bdbd796b965db12c42dd15730caf0c5ddfd208aec49bf2eb
7e3ef3cef1bd0c2b8ad2c80cbf294d0982ab73f4fdabae341d163243d930c686
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
8141e3f53719e57a564f26ff6b468ff9b60e5b1e112a89293627ef8ce1f52ce6
81c432d641de3352e78d5b666a67be4bd7b013ed12b0e1d59a6e1881bd289c58
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83835f07531a2fa62871c7a60465b56be21f400f657904a9552bf0c94e485f60
83989511162f4870eec741186b1f61e347cf37e3d54da12035a90da2836965cb
839bbf8a65f3111e6e19b5e95eab234506b6da9221855faa2fc62a0c467916b2
84cb04380aee1422ab6395a3e5580e168e346216aea097d99613c97110cd8a57
856dcac08faa5d75429222b1ba813058cd6b43f1626becd411270ea463be2a32
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87b388e6162cded936084f785f9d34e7f8da8d24fe3729743babf75bdf51fb0e
89bb443ef7d0ff12aebca01a3bbe7e1325eb4dc2535ed55a4c453c83a3a9f2fe
8a1b74ef81ca4f9024f521db36f5b53642031fa76b3c42589470905c5dbb1dd6
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
8a85622a40f4a0c8379546b1e80f1e9832da123219da6a4de6666f78acae1ed9
8bcf402022b80b94497b8d15bd4ed43484818b00a1d8f643b0639b23e1793273
8d194b3256af9a03695bd264c248fac2d681e805aedb94a122b3c878f259a91f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e952b8b937351217f10dc03717caeb974450135f3cb704f114177e617149731
8eaea2001a319f44a37b9c748197633f390b3f8409781b74843ebc6dd74cea1e
8ee55882dc71b76d792c91777b00fea6e29feac3113828ffd0920f0bc6a145c7
9125982d21b1f6ad4bd9e8426bd64d9e2d929e5618e27ee7ae55130ed36c563b
91ee4c8cf026de6feccfd29b596b4e50aae251ca23067a5a863d2bc347369e6a
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
930b16b505931ff0b34396f5726dfb2206a05bc04bea15a8ba9f9b03041d9afd
93adccb56ecc591a33efcf800deae90fb4393c298ff921c2d54afe8162c89d0a
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
94a4f339f46f66d24a75fc71782aab04965fc941e839258905749ecbbdaacacc
94db4ddc3645556e1694e4222fb052423b20485050cc2ed54f4d5117f5619fcc
9713e5f78031f3e043ed7b32f2d2abd0cd331dc2daa8fd8b671b6b80342b532a
9c39580d7838125ff6a5dff88fb75704a16ff94721a1319b3ebeb4df234db2fa
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9e8310bad9ac2deabbef52755a2470c6971d9a0f7a6f180895e036b72c2ed784
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
9f8a51a3627d47f033bb3e8baee3ab6b74a07781b930a5204b1ede5f1975b55e
a1290b56a45aaa60a64d22693d5dec57473cb433915f4bd8a5f1358508b5968a
a27bebf5ec1ec2d378b182314b9ac7e87f95c502333bb1ef52c22917afa0b70d
a28d546d5489884daf32c46095e10218620d6a63de20e146b38ec3221cbeceb4
a2bee6cefe63d3d7878c27ff9ab5d20ef3cd1a696bdf645f0aad7f5bdee4f289
a2edc92944256cad5b87c61f7769e94ddf042b64cb04700533cf0229009f7890
a3fa416ce898f504e3a8af973fa780a35c8ddac2a394e6175276e0a18f8d966a
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a550b51a85cfd828d95707e27d160d09fae70967ac2b3d07b101bab00e26885a
a5902cd86e40d6fe3e4a7576bc8d9b7b19d429883f69bea92bcf87f6f0c62524
a9a470a58a7a73da5bbd94a674da46bf682c19fc5558cd411d0ffa80dbff7d54
ab6c4fd4bea57a49ab8d190552d6dcaddaf54accf6ccc8e135175c9181e4ae6c
abbf00fed8d2b0d81ef504d7fbdd0ebd331a59e10d03a4583d11cd3f5c0b6b2d
aca557138d1c924dd1ad7725b6f853f61a2df7f42cae45e6b86bc11d76a66aa7
acee9224afd6f7443003a708f3f188bab3b7cf4aeba059ff48896a5a59c9da40
aedc1f19db62ef9645a1ceae7ef270c7488b4362521c9145e4433bafef62ce16
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5
afb034d61e001e4814af09c800ac32d01ddefff87cb0de5378565945ff1f1614
b1378fd9d0212e5c92ae1d39473f0326828a9ecd341a1f56b9b371470a09f839
b29df2ff86159f2a6808b867dcf5657b9a32a1fe016f237355c310bd0e93aa13
b3afcbc4473e13b6c6ec68e60de818026da8574b596dfe51838ce88615265a7e
b7e6c6036b8a78acc2f9cf3b9bc5cd1fca271aee36069b71287683f26d3e382c
b859ad99fb2fa823b03d4af4dd783ded5b8b4f454a22ada32223d0cd83cb25da
b9de1647d3164a0fa89ac17c1f9d148f330c1add59e3fde51b7c7cdd28008968
ba9f77081db51f317abbfbc2bb7fe3e7ac713fcc134981b59675e2d13d650740
bbd14178882a785cfafcfd78f13f3ced7384e0be71483b9d700fb5915a6bca9b
bd2f2a5765557d8ab362b501559ed5f09bb95401dee98a98bdf51e616c55ffe9
bd4a9c6ad9ed8d1142310c8dbf720f06c7667f0e79082a1d71c58a92d03307ea
bd4fa357aa68d6c385588d64b1e8ffcaa080583039a76261925307cf1f298328
bd7a22b0b4adc38d8b8ac8ae51f315756e9e0100da259e473bf1f07c11aa9e26
bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb
bfb7d379d3f36f9f061f310cef02719dc9c40fa46f68be74694a97a7d35a97fd
bfc870ffd2897d5f380be0b95e89a4ffd7f1cdde24ba00fcba21e20524bcf70d
bffefb7a5826a4e7a83313fa73187a032708e13596053774cd46aec357415939
c041fc2ea8f808d0309f0024d6848892189b6b366dc625bb6a69bb27b200f07d
c27b820505e7e98aa0e33ddc44d88c79a3e1638d5af5c835fbf4f7aa95616464
c38c25c07bab6ed7b15cc489003e2d4f6c1c287ca083304f802781853b3e5aa6
c6790a64a8179819745c8ffd13e3b25b2e2e6b7bde326b0eebb1ae5fa05dcb97
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a
c9d749d9a2487da8156f8033dcbd23cb363f21f234048713004f5d73df0bc7c1
ca05d8db9b44516093782c2fa0e64faa5b88098b98173cde06f885432f1625a9
ca81f106003c068d1677491149477d9b9845215eda925e0925119a2e1bc1b35a
cb9c8c59a004bad9f5bb228312b3bb9cd3ce3d353a15ea810157d2a26220e3e2
cbed18e97d7c679ffb50034dcf0a26b0b527651ff5ce3c242c0df5de5b285fca
cbfc00265e5ea9e296aabb4e709eaa6e6c9419bd4b0a129956bec78c2fc96caf
cc045f205bf84193417627551ea72beb98453bf16179ee0f5bc24eee6b59167e
ce90bd65a61812a050a998cc5c73d30350d4ab3a0f1ed7d27e1fec4d6c777c4d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd2a6818c200975c3079394f878135ccb112dd66909ecc796a51d71055b7727
d01fcfffd7726fe78ce828c5d6621e5ace667cfc03413ba23b26ef9ad27eddb2
d146b4113e4ea614f0dbaea9beb152f8658ba9daa61dac225befce5bfc5a5b0e
d2aefc0b91d62da60665f80438dca6017f5c80348784070b313c4f00931aa427
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
d73e2e390cc69f18f9a60411a434a3fdeae15b37a7ebdb371c60e494bd63a6ae
d79b55615ea3b95e773a798decd609863d96055d0409f233841e8a52ceffda97
d88a056eed7fc9dd598f345ea866f324ddeec180e3c5976083257a1cd847d568
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd8f14c311971e094ab5c9ddca23f6b2ee465acb40ed4c16490766785951dad3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6a02c4ff63618a4985a8261851ea88aece3e72b621cc9e1cf935522a2ee1bd
e1bcbd4f2778db8203f4da2641b15f0a890c7411e8fd70af45afe76c8356b100
e283cdadbee9a4919060b4ab92adde9f3915ec7b2037de3e112c3c34ef48a2e7
e3488365e800a5eebd527d5ae3184704fdf1b1b45183cf4a396f2b29cff03921
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4dde61a3bd5b05cdc5000a9b0375fbecb1852217575a7ae395b52a94f96a204
e563d5edb9810b444993149d7ec17ef568e97fc32168130bbb5c9b1acdce1b6d
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e972d187856b7eecff4edcf05b77397ffd09ffebbe19e44e7153d195d65fd48e
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ed4332deb9de049998b51483715a35b5f2e93473a5406687ecf0819b26592db3
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
ee4198796a5d63296ee727e750b11e807d7ce8af161655ab067cb55901f07a91
ee8d71d16b761a256d762f28226fe732cfd5cf2e4f6b6e9ca4b055afcd73fb5d
ee9538b59157f22113ba6c5f90d6fce0df0a2daf28e913de3666130c61e0e3ff
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef0300dfe1e69c7dc6784339ada0510fa17b0f6699c3917f84db019bc7d9ab31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1e810d606652104526c962ccbbad4b0c84e05ab6cc2a356a885f3bfb323c47
f061763f44a13b00e797586045aeeb9375748030c7eaeb152d8317166998f388
f07541f38d45aa73e4be96f6ad8c6d56caf4727d94dedf28db17bd550f77c885
f07d4cbb3a7aca1d743601bfdb3650ab447103e86c617faaea1fb561a26d4c50
f11e56d8c9b83b906d6b7280c0647017efc40f58b1e3213e981ffb6376788a16
f1d8b29f948365d3fc519710c8db3d69024e17ff90436fbcd85601966cbb3b01
f1f0bbca06942de0af05ef9012d27e4706b14fae13cb2d1189b8c64d384a3879
f320afa3d2b837c64cd2cf1ece24ada2ee5c1e8c73c8cb4708f45e4e13c198e1
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
f566aa0a16f541e7638d2785350fbd23efe9f98a6da87eaf7185aa8c9f940198
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133
fc062692a80742155211f262dbde41be07f12b2e6d8fac159ce111f0831de851
fce8bd7c0fa87fe97c51cc3bb1f9fb2757aaef34cff93b93206fb5c20789b10a
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218