urlscan.io logo urlscan.io
SecurityTrails logo

364daysofthanksgiving.com Open in urlscan Pro
198.71.233.187  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://364daysofthanksgiving.com/
Effective URL: https://364daysofthanksgiving.com/
Submission: On May 24 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 45 HTTP transactions. The main IP is 198.71.233.187, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is 364daysofthanksgiving.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 19th 2021. Valid for: a year.
This is the only time 364daysofthanksgiving.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    198.71.233.187 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
364daysofthanksgiving.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2181:2a00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
3    2a02:26f0:6c00:281::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
4    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2.16.186.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-121.deploy.static.akamaitechnologies.com
img1.wsimg.com
1    2600:9000:2181:4c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:20eb:3400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.58.221.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.132.84 (Madrid, Spain)

ASN54113 (FASTLY, US)
api.pinterest.com
log.pinterest.com
1    2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    23.35.125.155 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-125-155.deploy.static.akamaitechnologies.com
img.secureserver.net
Domain Requested by
23 364daysofthanksgiving.com 1 redirects 364daysofthanksgiving.com
3 pixel.wp.com 364daysofthanksgiving.com
3 assets.pinterest.com 364daysofthanksgiving.com
assets.pinterest.com
2 connect.facebook.net 364daysofthanksgiving.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
1 log.pinterest.com
1 img.secureserver.net
1 graph.facebook.com 364daysofthanksgiving.com
1 api.pinterest.com 364daysofthanksgiving.com
1 l.sharethis.com platform-api.sharethis.com
1 www.google-analytics.com google-analytics.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 google-analytics.com 364daysofthanksgiving.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 img1.wsimg.com 364daysofthanksgiving.com
1 stats.wp.com 364daysofthanksgiving.com
1 platform-api.sharethis.com 364daysofthanksgiving.com
1 fonts.googleapis.com 364daysofthanksgiving.com
45 18

This site contains links to these domains. Also see Links.

Domain
online.nph.net
www.pinterest.com
themes.bavotasan.com
Subject Issuer Validity Valid
364daysofthanksgiving.com
Go Daddy Secure Certificate Authority - G2		 2021-05-19 -
2022-06-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2021-03-05 -
2022-04-06		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2019-10-22 -
2021-10-22		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://364daysofthanksgiving.com/
Frame ID: AC307C8D86C526E7FDE0DDB7AE5510F7
Requests: 46 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: CF943C37996F15B39B2FD5A1E3F8321D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://364daysofthanksgiving.com/ HTTP 301
    https://364daysofthanksgiving.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

45
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

18
Subdomains

17
IPs

4
Countries

842 kB
Transfer

1633 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://364daysofthanksgiving.com/ HTTP 301
    https://364daysofthanksgiving.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
364daysofthanksgiving.com/
Redirect Chain
  • http://364daysofthanksgiving.com/
  • https://364daysofthanksgiving.com/
31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
bcb4d3af062fe056aeaec571b0bb88d86921884d0b9f8c7ade25a285d8a3d6ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
364daysofthanksgiving.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
content-type
text/html; charset=UTF-8
content-length
9020
accept-ranges
bytes
age
78940
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES:Forced
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Age
0
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 24 May 2021 12:04:54 GMT
Location
https://364daysofthanksgiving.com/
Vary
User-Agent, Accept-Encoding
X-Backend
local
X-Cache
uncached
X-Cache-Hit
MISS
X-Cacheable
NO:HTTPS Redirect
Content-Length
201
public.css
364daysofthanksgiving.com/wp-content/plugins/pinterest-pin-it-button/css/ 		1 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/pinterest-pin-it-button/css/public.css?ver=2.1.0.1
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
96215c4a18982853f076db794ca4dc3bf7f34d905c440eac6ee30749112356b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/pinterest-pin-it-button/css/public.css?ver=2.1.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250817
x-cache
cached
vary
Accept-Encoding
content-length
471
x-xss-protection
1; mode=block
last-modified
Sat, 09 May 2015 00:16:56 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
style.min.css
364daysofthanksgiving.com/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250817
x-cache
cached
vary
Accept-Encoding
content-length
8685
x-xss-protection
1; mode=block
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
front.css
364daysofthanksgiving.com/wp-content/plugins/simple-social-buttons/assets/css/ 		96 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=3.2.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
737dadb23f48c0823c3d5f597c2f9d34d81a8e964f013109fb366d7d84dffdc1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=3.2.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250817
x-cache
cached
vary
Accept-Encoding
content-length
10264
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 14:51:34 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
style.css
364daysofthanksgiving.com/wp-content/themes/matheson/ 		156 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/themes/matheson/style.css?ver=5.7.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
bbb21d4bb1497f446105906a65a9e22ca56ad6ba82f1b3335fd152a37d4f4163
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/matheson/style.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250816
x-cache
cached
vary
Accept-Encoding
content-length
23698
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jan 2020 00:18:04 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
css
fonts.googleapis.com/ 		10 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway|Open+Sans:400,400italic,700,700italic
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c403ca1d260fff15d14c485ce458f6a90d68a947da507105b02d16420d11f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 May 2021 12:04:54 GMT
server
ESF
date
Mon, 24 May 2021 12:04:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 May 2021 12:04:54 GMT
font-awesome.css
364daysofthanksgiving.com/wp-content/themes/matheson/library/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/themes/matheson/library/css/font-awesome.css?ver=4.7.0
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/matheson/library/css/font-awesome.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250816
x-cache
cached
vary
Accept-Encoding
content-length
7439
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jan 2020 00:18:04 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
gem.min.css
364daysofthanksgiving.com/wp-content/plugins/godaddy-email-marketing-sign-up-forms/css/ 		639 B
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/godaddy-email-marketing-sign-up-forms/css/gem.min.css?ver=1.4.3
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
2790b050d606c7dca2f55a16934045dbadce10b36475968dbc876e9013424335
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/godaddy-email-marketing-sign-up-forms/css/gem.min.css?ver=1.4.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250816
x-cache
cached
vary
Accept-Encoding
content-length
368
x-xss-protection
1; mode=block
last-modified
Mon, 13 Apr 2020 21:23:18 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
social-logos.min.css
364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=9.7
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=9.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
251524
x-cache
cached
vary
Accept-Encoding
content-length
7898
x-xss-protection
1; mode=block
last-modified
Wed, 05 May 2021 19:23:13 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
jetpack.css
364daysofthanksgiving.com/wp-content/plugins/jetpack/css/ 		76 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.7
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jetpack/css/jetpack.css?ver=9.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
251524
x-cache
cached
vary
Accept-Encoding
content-length
13831
x-xss-protection
1; mode=block
last-modified
Wed, 05 May 2021 19:23:08 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
jquery.min.js
364daysofthanksgiving.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250814
x-cache
cached
vary
Accept-Encoding
content-length
30916
x-xss-protection
1; mode=block
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
jquery-migrate.min.js
364daysofthanksgiving.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250813
x-cache
cached
vary
Accept-Encoding
content-length
4169
x-xss-protection
1; mode=block
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
front.js
364daysofthanksgiving.com/wp-content/plugins/simple-social-buttons/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=3.2.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
e0447c33437b68ce8263e7ce898c532cb1676e1dfc94662aea3300263e425265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=3.2.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250813
x-cache
cached
vary
Accept-Encoding
content-length
2086
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 14:51:34 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
sharethis.js
platform-api.sharethis.com/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2181:2a00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:02:22 GMT
content-encoding
gzip
age
152
etag
W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 5fd865e604cad30b24a805ca3b6d4048.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
jg4SXz7NEsvZ5ucLqhnWqW9ln8yO9r0Ix0bCWyTgL-5mtOoIWB7_fw==
pin_it_button.png
assets.pinterest.com/images/pidgets/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/pidgets/pin_it_button.png
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn
akamai
etag
"cf5ce2d2dcfa060f6032b0af60d45aa2"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=55139
accept-ranges
bytes
content-length
909
access-control-expose-headers
X-CDN
loading.gif
364daysofthanksgiving.com/wp-content/plugins/jetpack/modules/sharedaddy/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
251524
x-cache
cached
content-length
2530
x-xss-protection
1; mode=block
last-modified
Wed, 05 May 2021 19:23:12 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
image/gif
x-cache-hit
HIT
etag
"9e2-5c19a202a99c6"
accept-ranges
bytes
pinit.js
assets.pinterest.com/js/ 		361 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=283
accept-ranges
bytes
content-length
203
access-control-expose-headers
X-CDN
bootstrap.min.js
364daysofthanksgiving.com/wp-content/themes/matheson/library/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/themes/matheson/library/js/bootstrap.min.js?ver=3.0.3
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
f647345f2b39a5b5ba7c175ae2c4024f9bf8b4cc5aa03a58dacabf0899a5df19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/matheson/library/js/bootstrap.min.js?ver=3.0.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250812
x-cache
cached
vary
Accept-Encoding
content-length
2069
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jan 2020 00:18:04 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
theme.js
364daysofthanksgiving.com/wp-content/themes/matheson/library/js/ 		850 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/themes/matheson/library/js/theme.js?ver=5.7.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
8a2e66e2253870c7a9ed6232f1cd8f15c3da296c65f52fe3d773190b5964eaa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/matheson/library/js/theme.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250812
x-cache
cached
vary
Accept-Encoding
content-length
452
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jan 2020 00:18:04 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
facebook-embed.min.js
364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/ 		737 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
251524
x-cache
cached
vary
Accept-Encoding
content-length
460
x-xss-protection
1; mode=block
last-modified
Wed, 05 May 2021 19:23:14 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
gem.min.js
364daysofthanksgiving.com/wp-content/plugins/godaddy-email-marketing-sign-up-forms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/godaddy-email-marketing-sign-up-forms/js/gem.min.js?ver=1.4.3
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
6eba7ed8e0d2585eb33a250d85cf2dd0cc88dfee7b7d07c724442adf6ef24aff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/godaddy-email-marketing-sign-up-forms/js/gem.min.js?ver=1.4.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250812
x-cache
cached
vary
Accept-Encoding
content-length
1002
x-xss-protection
1; mode=block
last-modified
Mon, 13 Apr 2020 21:23:18 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
wp-embed.min.js
364daysofthanksgiving.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250812
x-cache
cached
vary
Accept-Encoding
content-length
765
x-xss-protection
1; mode=block
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
sharing.min.js
364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=9.7
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=9.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
251524
x-cache
cached
vary
Accept-Encoding
content-length
3807
x-xss-protection
1; mode=block
last-modified
Wed, 05 May 2021 19:23:15 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
e-202120.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202120.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 24 May 2021 12:04:54 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 08 May 2022 21:00:05 GMT
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:04:54 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2017 16:26:41 GMT
etag
"52ef5c943baad21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
4564
expires
Tue, 24 May 2022 12:04:54 GMT
wp-emoji-release.min.js
364daysofthanksgiving.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://364daysofthanksgiving.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250810
x-cache
cached
vary
Accept-Encoding
content-length
4662
x-xss-protection
1; mode=block
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
5ce70334224177001254df7d.js
buttons-config.sharethis.com/js/ 		30 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5ce70334224177001254df7d.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2181:4c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 24 May 2021 12:04:56 GMT
via
1.1 b01cad2ed1269880253c38e06a99f4df.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 20:31:49 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P2
etag
"e6e1643313740711175f51662a65b42f"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
q3HGBoMXAyopCdyo_BuB3VMTUGsFKuQb0ZXVWRtL_NVD2j_FTyhmpA==
analytics.js
google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4484
date
Mon, 24 May 2021 10:50:10 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 24 May 2021 12:50:10 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v19/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway|Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://364daysofthanksgiving.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 15:35:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:35:07 GMT
server
sffe
age
332958
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21028
x-xss-protection
0
expires
Fri, 20 May 2022 15:35:36 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway|Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://364daysofthanksgiving.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
484354
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 18 May 2022 21:32:20 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin
https://364daysofthanksgiving.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
cancel-culture.jpg
364daysofthanksgiving.com/wp-content/uploads/2021/05/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://364daysofthanksgiving.com/wp-content/uploads/2021/05/cancel-culture.jpg
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
4e7f7fcd6dae887d2d4af86c511eda21c2b07e37b18359b6c05b24b675026afe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2021/05/cancel-culture.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
251524
x-cache
cached
content-length
143831
x-xss-protection
1; mode=block
last-modified
Wed, 19 May 2021 18:40:14 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
image/jpeg
x-cache-hit
HIT
etag
"231d7-5c2b3284ad8be"
accept-ranges
bytes
blogheader02-1024x512.png
364daysofthanksgiving.com/wp-content/uploads/2015/11/ 		370 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://364daysofthanksgiving.com/wp-content/uploads/2015/11/blogheader02-1024x512.png
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.71.233.187 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
5a204bc2078ccbc3976e5167a418e89001c0fc497c2cc751132283f2dfa122e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2015/11/blogheader02-1024x512.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
364daysofthanksgiving.com
referer
https://364daysofthanksgiving.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
250811
x-cache
cached
content-length
378791
x-xss-protection
1; mode=block
last-modified
Mon, 02 Nov 2015 09:50:43 GMT
server
openresty
date
Mon, 24 May 2021 12:04:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
content-type
image/png
x-cache-hit
HIT
etag
"5c7a7-5238bb5ea22c0"
accept-ranges
bytes
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame CF94 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://364daysofthanksgiving.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://364daysofthanksgiving.com/

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
cache-control
max-age=3600, public
date
Mon, 24 May 2021 11:25:19 GMT
etag
W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
KBAPihQPxGCOiu7FWX4CGMzHW6TAKYq1kkoNfw_CmTrCfHRqpVqD-g==
age
2375
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1161227329&t=pageview&_s=1&dl=https%3A%2F%2F364daysofthanksgiving.com%2F&ul=en-us&de=UTF-8&dt=364%20Days%20of%20Thanksgiving%20-%20Helping%20people%20find%20contentment%20in%20God&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1234213292&gjid=562919002&cid=859661760.1621857895&tid=UA-138300088-1&_gid=1454639742.1621857895&_r=1&_slc=1&z=882508442
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 May 2021 12:04:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://364daysofthanksgiving.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pinit_main.js
assets.pinterest.com/js/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.7402730891141676
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"2424d1362506bd5cb853b5162df0158b"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=191
accept-ranges
bytes
content-length
18804
access-control-expose-headers
X-CDN
pview
l.sharethis.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=364daysofthanksgiving.com&location=%2F&product=ga&url=https%3A%2F%2F364daysofthanksgiving.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=364%20Days%20of%20Thanksgiving%20-%20Helping%20people%20find%20contentment%20in%20God&cms=unknown&publisher=5ce70334224177001254df7d&sop=true&bsamesite=true&consent_cookie_duration=77&consent_duration=77&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Helping%20people%20find%20contentment%20in%20God
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 12:04:54 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://364daysofthanksgiving.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ff705354d9b1ea1c25f12df3b8bdd130b646766cd2923028f01267bfc2ce7b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sCVJEUG+5hXjz2uLM8hm6w==
cross-origin-resource-policy
cross-origin
expires
Mon, 24 May 2021 12:06:01 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
CrJOgX1a+Nh7eFwVv87xPtleHSzGNCK0TZ+m1IqaXdS/7gMxRRevpM1U9J3jOfFjI18wxVy4nD+MO88PWaumBg==
x-fb-trip-id
917726464
x-fb-content-md5
7051c8e2b81b51f9624d9190713452d2
date
Mon, 24 May 2021 12:04:54 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f351dad84012ed8081d7ea2032fa6e54"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.7&blog=65545582&post=0&tz=-5&srv=364daysofthanksgiving.com&host=364daysofthanksgiving.com&ref=&fcp=890&rand=0.6056398569979711
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:04:54 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
count.json
api.pinterest.com/v1/urls/ 		106 B
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2F364daysofthanksgiving.com%2Fcancel-culture%2F
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=9.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f7f72e3e942c736d5af192596b924694388c6b24685edde515caf32c1377b9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:04:55 GMT
x-content-type-options
nosniff
x-cdn
fastly
age
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
1
x-pinterest-rid
1577791138467078
content-length
106
expires
Mon, 24 May 2021 12:19:55 GMT
/
graph.facebook.com/ 		244 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2F364daysofthanksgiving.com%2Fcancel-culture%2F
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=9.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0bcb76cf524ce4f2971ea76b0a85a12312b7d481f26db6407915a08618994841
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1003841602
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
186
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
VyJxEaVXdi+9xNxZm7d6Zk+I+r9DlF0OpOsOX1zXHhnT7+NZlEYmGzNpgSTuCa6CSLsZkJwZzDiMfaFF6GTFDg==
x-fb-trace-id
EU7UWwA1S50
date
Mon, 24 May 2021 12:04:54 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A6UUmMPVJZ5pDwdg--H8r0v
cache-control
no-store
facebook-api-version
v3.3
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.39816228426301326
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:04:54 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.0758821791147204
Requested by
Host: 364daysofthanksgiving.com
URL: https://364daysofthanksgiving.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:04:54 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sdk.js
connect.facebook.net/en_US/ 		216 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e4f24ae8f7fb614cf104d51b7c9c1601&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c21450f0369bf5a57bcd649a5da215865c32e03dc5e8bb197b5383650450cf82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://364daysofthanksgiving.com
Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tXSjiLiowcEJrLB+hQriFQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65184
x-fb-rlafr
0
x-fb-debug
HQ30u+TVwx7f7cMKJdM+T6e2OBJsabRdB7Vn2IAk448HQ4VMduyem3Op6lKFeRbhFFv0LHxFLG4PX/+OkrK1zg==
x-fb-content-md5
1f29a941b3d1666720c125dbe2571f42
x-frame-options
DENY
date
Mon, 24 May 2021 12:04:54 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a25d46ed06b4ce178122818413aec487"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 24 May 2022 10:44:36 GMT
event
img.secureserver.net/t/1/tl/ 		43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.secureserver.net/t/1/tl/event?cts=1621857895466&tce=1621857894412&tcs=1621857894211&tdc=1621857895265&tdclee=1621857894967&tdcles=1621857894964&tdi=1621857894963&tdl=1621857894518&tdle=1621857894211&tdls=1621857894211&tfs=1621857894210&tns=1621857893992&trqs=1621857894412&tre=1621857894515&trps=1621857894514&tles=1621857895265&tlee=1621857895267&ht=perf&dh=364daysofthanksgiving.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=1455491571&cv=1.0.6&z=1026460337&vg=2510cc67-5467-4743-8da8-072f90e1a0d9&vtg=2510cc67-5467-4743-8da8-072f90e1a0d9&ap=wpaas&trfd=%7B%22cts%22%3A1621857894963%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22a2nlwpweb141.prod.iad2.secureserver.net%22%2C%22xid%22%3A%2241736756%22%2C%22wp%22%3A%225.7.2%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%220%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22matheson%22%2C%22nextgen%22%3A%220%22%7D&dp=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.125.155 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-125-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 24 May 2021 12:04:55 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://364daysofthanksgiving.com, *
Access-Control-Max-Age
1000
Cache-Control
private
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
X-XSS-Protection
1; mode=block
/
log.pinterest.com/ 		0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=CTrPDsjPCFBS&tv=2021040501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2F364daysofthanksgiving.com%2F&viaSrc=canonical
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://364daysofthanksgiving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:04:56 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
x-cache-hits
0
content-length
0
x-served-by
cache-mad22076-MAD
pragma
no-cache
server
envoy
x-timer
S1621857896.949371,VS0,VE96
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
6510047489564208
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| SSB object| ssbPlugin function| docLoadedFun function| toggleSidebarButtons object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ string| GoogleAnalyticsObject function| ga object| WPCOM_sharing_counts number| PIN_18771 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| PIN_1621857894929 string| value string| key object| PinUtils object| jpfbembed function| fbAsyncInit object| GEM object| wp object| sharing_js_options object| twemoji object| WPCOMSharing undefined| windowOpen object| _stq object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true function| st_go function| linktracker_init object| wpcom object| FB

3 Cookies

Domain/Path Name / Value
.364daysofthanksgiving.com/ Name: _gat
Value: 1
.364daysofthanksgiving.com/ Name: _gid
Value: GA1.2.1454639742.1621857895
.364daysofthanksgiving.com/ Name: _ga
Value: GA1.2.859661760.1621857895

1 Console Messages

Source Level URL
Text
console-api log URL: https://364daysofthanksgiving.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

364daysofthanksgiving.com
api.pinterest.com
assets.pinterest.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
graph.facebook.com
img.secureserver.net
img1.wsimg.com
l.sharethis.com
log.pinterest.com
pixel.wp.com
platform-api.sharethis.com
stats.wp.com
www.google-analytics.com
151.101.132.84
192.0.76.3
198.71.233.187
2.16.186.121
23.35.125.155
2600:9000:20eb:3400:c:a9b7:ddc0:93a1
2600:9000:2181:2a00:1c:8a07:5e80:93a1
2600:9000:2181:4c00:c:abe:f440:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80e::200e
2a02:26f0:6c00:281::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
52.58.221.124
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0bcb76cf524ce4f2971ea76b0a85a12312b7d481f26db6407915a08618994841
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
2790b050d606c7dca2f55a16934045dbadce10b36475968dbc876e9013424335
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4e7f7fcd6dae887d2d4af86c511eda21c2b07e37b18359b6c05b24b675026afe
5a204bc2078ccbc3976e5167a418e89001c0fc497c2cc751132283f2dfa122e9
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6eba7ed8e0d2585eb33a250d85cf2dd0cc88dfee7b7d07c724442adf6ef24aff
737dadb23f48c0823c3d5f597c2f9d34d81a8e964f013109fb366d7d84dffdc1
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187
7f7f72e3e942c736d5af192596b924694388c6b24685edde515caf32c1377b9f
7ff705354d9b1ea1c25f12df3b8bdd130b646766cd2923028f01267bfc2ce7b5
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
8a2e66e2253870c7a9ed6232f1cd8f15c3da296c65f52fe3d773190b5964eaa1
96215c4a18982853f076db794ca4dc3bf7f34d905c440eac6ee30749112356b4
9c403ca1d260fff15d14c485ce458f6a90d68a947da507105b02d16420d11f2f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bbb21d4bb1497f446105906a65a9e22ca56ad6ba82f1b3335fd152a37d4f4163
bcb4d3af062fe056aeaec571b0bb88d86921884d0b9f8c7ade25a285d8a3d6ad
c21450f0369bf5a57bcd649a5da215865c32e03dc5e8bb197b5383650450cf82
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
e0447c33437b68ce8263e7ce898c532cb1676e1dfc94662aea3300263e425265
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f647345f2b39a5b5ba7c175ae2c4024f9bf8b4cc5aa03a58dacabf0899a5df19
f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e