usatoday.secondstreetapp.com Open in urlscan Pro
199.19.89.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://api.secondstreetapp.com/m_c_t/32353722/190223998
Effective URL:
https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Submission: On May 19 via api (May 19th 2021, 1:31:12 pm UTC) from US

Summary HTTP 241 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 38 domains to perform 241 HTTP transactions. The main IP is 199.19.89.15, located in St Louis, United States and belongs to SSM-NET, US. The main domain is usatoday.secondstreetapp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 23rd 2020. Valid for: 2 years.

This is the only time usatoday.secondstreetapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.19.89.19 199.19.89.19	54105 (SSM-NET) (SSM-NET)
1 19	199.19.89.15 199.19.89.15	54105 (SSM-NET) (SSM-NET)
1	2600:9000:215... 2600:9000:2156:4600:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
62	151.101.14.62 151.101.14.62	54113 (FASTLY) (FASTLY)
1	52.88.195.36 52.88.195.36	16509 (AMAZON-02) (AMAZON-02)
8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	13.32.25.83 13.32.25.83	16509 (AMAZON-02) (AMAZON-02)
3	151.101.114.62 151.101.114.62	54113 (FASTLY) (FASTLY)
2	34.75.237.118 34.75.237.118	15169 (GOOGLE) (GOOGLE)
3	34.249.39.204 34.249.39.204	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	52.212.52.211 52.212.52.211	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1 3	99.86.242.117 99.86.242.117	16509 (AMAZON-02) (AMAZON-02)
1	143.204.97.28 143.204.97.28	16509 (AMAZON-02) (AMAZON-02)
1	143.204.103.127 143.204.103.127	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bae8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.228.170.24 54.228.170.24	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	54.208.116.125 54.208.116.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b110:b216:4622:d058:b1a9	14618 (AMAZON-AES) (AMAZON-AES)
1	34.199.213.67 34.199.213.67	14618 (AMAZON-AES) (AMAZON-AES)
2	52.94.243.89 52.94.243.89	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	199.19.89.14 199.19.89.14	54105 (SSM-NET) (SSM-NET)
1 5	18.208.35.206 18.208.35.206	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	34.251.60.147 34.251.60.147	16509 (AMAZON-02) (AMAZON-02)
1 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1 1	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	34.197.11.2 34.197.11.2	14618 (AMAZON-AES) (AMAZON-AES)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2600:1f18:444... 2600:1f18:444a:4602:c18d:4a5:dcb1:ed3e	14618 (AMAZON-AES) (AMAZON-AES)
12	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	34.252.41.130 34.252.41.130	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
241	54

1 199.19.89.19 (St Louis, United States) 1 redirects

ASN54105 (SSM-NET, US)
PTR: 199-19-89-19.secondstreetmedia.com

api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 199.19.89.15 (St Louis, United States) 1 redirects

ASN54105 (SSM-NET, US)
PTR: 199-19-89-15.secondstreetmedia.com

usatoday.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed-795757.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4600:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 151.101.14.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.195.36 (Boardman, United States)

ASN16509 (AMAZON-02, US)

d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-83.fra56.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.75.237.118 (North Charleston, United States)

ASN15169 (GOOGLE, US)

liqadprdct-capture-prod-east.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.39.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.212.52.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.242.117 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-117.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-28.fra50.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bae8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.170.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.208.116.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

10870841.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:b216:4622:d058:b1a9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.213.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.243.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.19.89.14 (St Louis, United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-14.secondstreetmedia.com

media.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.208.35.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.60.147 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.11.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:c18d:4a5:dcb1:ed3e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.41.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	gannettdigital.com cpt-static.gannettdigital.com liqadprdct-capture-prod-east.gannettdigital.com	384 KB
42	2mdn.net s0.2mdn.net	315 KB
25	adsafeprotected.com cdn.adsafeprotected.com static.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com	110 KB
22	secondstreetapp.com 2 redirects api.secondstreetapp.com usatoday.secondstreetapp.com embed-795757.secondstreetapp.com media.secondstreetapp.com	963 KB
14	googlesyndication.com beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	58 KB
10	liadm.com 2 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com i6.liadm.com	17 KB
10	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	142 KB
7	gannett-cdn.com www.gannett-cdn.com api.gannett-cdn.com	51 KB
5	google.com news.google.com www.google.com adservice.google.com	51 KB
4	facebook.com www.facebook.com	561 B
4	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	94 KB
4	facebook.net connect.facebook.net	161 KB
3	googletagservices.com www.googletagservices.com	99 KB
3	igodigital.com 10870841.collect.igodigital.com nova.collect.igodigital.com	4 KB
3	associates-amazon.com z-na.associates-amazon.com assoc-na.associates-amazon.com	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
2	addthis.com 1 redirects x.dlx.addthis.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	942 B
2	gstatic.com fonts.gstatic.com	73 KB
2	google.de www.google.de	171 B
2	google-analytics.com www.google-analytics.com	19 KB
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	googleapis.com fonts.googleapis.com	988 B
2	fastly.net confiant-integrations.global.ssl.fastly.net	35 KB
2	rlets.com cdn.rlets.com d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com	44 KB
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	sitescout.com 1 redirects pixel-sync.sitescout.com	265 B
1	rkdms.com mid.rkdms.com	47 B
1	zemanta.com 1 redirects b1sync.zemanta.com	291 B
1	taboola.com trc.taboola.com	240 B
1	google.pl adservice.google.pl	799 B
1	xg4ken.com resources.xg4ken.com	5 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	polyfill.io cdn.polyfill.io	721 B
0	usatoday.com Failed user.usatoday.com Failed
241	38

	Domain	Requested by
58	cpt-static.gannettdigital.com	usatoday.secondstreetapp.com cpt-static.gannettdigital.com
42	s0.2mdn.net	beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com s0.2mdn.net
17	embed-795757.secondstreetapp.com	usatoday.secondstreetapp.com embed-795757.secondstreetapp.com
12	dt.adsafeprotected.com	usatoday.secondstreetapp.com
9	pixel.adsafeprotected.com	usatoday.secondstreetapp.com
8	securepubads.g.doubleclick.net	cpt-static.gannettdigital.com usatoday.secondstreetapp.com securepubads.g.doubleclick.net beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com tpc.googlesyndication.com
5	i.liadm.com	1 redirects b-code.liadm.com i.liadm.com
4	pagead2.googlesyndication.com	usatoday.secondstreetapp.com tpc.googlesyndication.com www.googletagservices.com
4	www.facebook.com	usatoday.secondstreetapp.com connect.facebook.net
4	connect.facebook.net	embed-795757.secondstreetapp.com connect.facebook.net www.gannett-cdn.com
4	www.gannett-cdn.com	usatoday.secondstreetapp.com cpt-static.gannettdigital.com
3	www.googletagservices.com	securepubads.g.doubleclick.net beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
3	beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
3	sb.scorecardresearch.com	1 redirects www.gannett-cdn.com usatoday.secondstreetapp.com
3	static.adsafeprotected.com	cpt-static.gannettdigital.com pixel.adsafeprotected.com usatoday.secondstreetapp.com
3	api.gannett-cdn.com	usatoday.secondstreetapp.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	media.secondstreetapp.com	usatoday.secondstreetapp.com
2	nova.collect.igodigital.com	usatoday.secondstreetapp.com
2	www.google.de	usatoday.secondstreetapp.com
2	www.google.com	usatoday.secondstreetapp.com
2	assoc-na.associates-amazon.com	usatoday.secondstreetapp.com
2	www.google-analytics.com	www.gannett-cdn.com usatoday.secondstreetapp.com
2	b-code.liadm.com	www.gannett-cdn.com b-code.liadm.com
2	news.google.com	www.gannett-cdn.com news.google.com
2	cdn.krxd.net	www.gannett-cdn.com cdn.krxd.net
2	platform.twitter.com	embed-795757.secondstreetapp.com platform.twitter.com
2	fonts.googleapis.com	embed-795757.secondstreetapp.com
2	liqadprdct-capture-prod-east.gannettdigital.com	usatoday.secondstreetapp.com
2	confiant-integrations.global.ssl.fastly.net	cpt-static.gannettdigital.com confiant-integrations.global.ssl.fastly.net
2	usatoday.secondstreetapp.com	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	beacon.krxd.net	cdn.krxd.net
1	js-agent.newrelic.com	usatoday.secondstreetapp.com
1	i6.liadm.com	i.liadm.com
1	pixel-sync.sitescout.com	1 redirects
1	mid.rkdms.com	i.liadm.com
1	b1sync.zemanta.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	consumer.krxd.net	cdn.krxd.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	rp4.liadm.com	usatoday.secondstreetapp.com
1	rp.liadm.com	1 redirects
1	p1.parsely.com	usatoday.secondstreetapp.com
1	stats.g.doubleclick.net	usatoday.secondstreetapp.com
1	10870841.collect.igodigital.com	www.gannett-cdn.com
1	resources.xg4ken.com	www.gannett-cdn.com
1	www.googleadservices.com	www.gannett-cdn.com
1	cdn.parsely.com	www.gannett-cdn.com
1	z-na.associates-amazon.com	www.gannett-cdn.com
1	cdn.adsafeprotected.com	cpt-static.gannettdigital.com
1	d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com	cdn.rlets.com
1	cdn.polyfill.io	usatoday.secondstreetapp.com
1	cdn.rlets.com	usatoday.secondstreetapp.com
1	api.secondstreetapp.com	1 redirects
0	user.usatoday.com Failed	usatoday.secondstreetapp.com
241	63

This site contains links to these domains. Also see Links.

Domain
www.usatoday.com
puzzles.usatoday.com
profile.usatoday.com
supportlocal.usatoday.com
cm.usatoday.com
www.facebook.com
twitter.com
help.usatoday.com
www.twitter.com
go.snapchat.com
www.instagram.com
www.linkedin.com
www.pinterest.com

Subject Issuer	Validity	Valid
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-07-23`	2 years	crt.sh
*.rlets.com Amazon	`2021-01-29` - `2022-02-27`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
usatoday.com R3	`2021-04-11` - `2021-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.gannettdigital.com R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
z-na.associates-amazon.com Amazon	`2020-06-19` - `2021-07-19`	a year	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2020-09-14` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2020-12-14` - `2021-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-04-10`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Frame ID: 8A41E7A479D0001B5ABCC27984BC7D1D
Requests: 186 HTTP requests in this frame

Frame: https://d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com/static/storage.html
Frame ID: 1554D5882A63D2BDA8D7AF61D51BE498
Requests: 1 HTTP requests in this frame

Frame: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
Frame ID: 3305C417A91F5FA7568FAABC17A3BCEB
Requests: 26 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fembed-795757.secondstreetapp.com
Frame ID: 0143A267967681FE3D3E7CE5C0DF7990
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=false&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: D49CBE8BC79F20BC4F42B58FAAF1B765
Requests: 8 HTTP requests in this frame

Frame: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 480F0D03F687EF60266B90CB0D3848B4
Requests: 7 HTTP requests in this frame

Frame: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE5059623E272A3C6A64A56237914E2A
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x250&pubId=4993669145&chanId=adx/usatoday/poster-partner_secondstreet_0&placementId=5634285725&pubCreative=138342230273&pubOrder=2827544385&cb=1621431050280
Frame ID: 649205E3207A39F21C149810B909766E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
Frame ID: 1075D6551EF0B91373D0BC807F750C64
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
Frame ID: 744A96292DBF1408918AC781D739593F
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 265DC89093B135EB9B4A20702F858B18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B82FBB7F8FC0380DE416C10A374829C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://api.secondstreetapp.com/m_c_t/32353722/190223998 HTTP 302
http://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/ HTTP 302
https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

241
Requests

100 %
HTTPS

41 %
IPv6

38
Domains

63
Subdomains

54
IPs

6
Countries

2817 kB
Transfer

8715 kB
Size

6
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.usatoday.com/#mainContentSection
Title: Skip to main content

Search URL Search Domain Scan URL

URL: http://www.usatoday.com/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/sports/
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/life/
Title: Life

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/money/
Title: Money

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/tech/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/opinion/
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/subscriber-news/
Title: For Subscribers

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/weather/
Title: Weather

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/news/investigations/
Title: Investigations

Search URL Search Domain Scan URL

URL: http://puzzles.usatoday.com/
Title: Crosswords

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/topic/2927a1a3-6532-47ff-879b-5f23daf1bfc0/humankind/
Title: Humankind

Search URL Search Domain Scan URL

URL: https://profile.usatoday.com/newsletters/manage/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://supportlocal.usatoday.com/
Title: Support Local

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/site-feedback/
Title: Give Feedback

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=215046668549694&redirect_uri=https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/&link=&name=Betmgm%20Vegas%20Playoff%20Sweepstakes
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Betmgm%20Vegas%20Playoff%20Sweepstakes%20%20via%20@usatoday
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/

Search URL Search Domain Scan URL

URL: https://help.usatoday.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/privacy-policy/
Title: Your California Privacy Rights/Privacy Policy

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/sitemap/
Title: Site Map

Search URL Search Domain Scan URL

URL: http://cm.usatoday.com/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://cm.usatoday.com/ethical-conduct/
Title: Our Ethical Principles

Search URL Search Domain Scan URL

URL: http://cm.usatoday.com/cookie-policy/
Title: Do Not Sell My Info/Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/usatoday
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/usatoday
Title:

Search URL Search Domain Scan URL

URL: https://go.snapchat.com/add/usatoday
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/usatoday

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/usa-today
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/usatoday/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://api.secondstreetapp.com/m_c_t/32353722/190223998 HTTP 302
http://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/ HTTP 302
https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109

https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c2=6035223&templatetype=cobrand&category=&ns__t=1621431048674&ns_c=UTF-8&cv=3.5&c8=Betmgm%20Vegas%20Playoff%20Sweepstakes&c7=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c2=6035223&templatetype=cobrand&category=&ns__t=1621431048674&ns_c=UTF-8&cv=3.5&c8=Betmgm%20Vegas%20Playoff%20Sweepstakes&c7=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c9=

Request Chain 111

https://rp.liadm.com/j?tna=v2.0.1&aid=a-01aa&wpn=lc-bundle&pu=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ext_gup_anonid=1a6d4623-ced9-4e69-a87f-3bf5458e020d&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&se=e30&dtstmp=1621431048699 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01aa&wpn=lc-bundle&pu=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ext_gup_anonid=1a6d4623-ced9-4e69-a87f-3bf5458e020d&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&se=e30&dtstmp=1621431048699&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 204

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=bb27d3b0-19a1-4d22-9b15-b7edfdedd3f5

Request Chain 205

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01aa%2F0%2Fe14ee343dc5d4f51a9eb94d9db0e60d6%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01aa%2F0%2Fe14ee343dc5d4f51a9eb94d9db0e60d6%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-01aa/0/e14ee343dc5d4f51a9eb94d9db0e60d6?mpid=82775&muid=12196746402224060410938337529850582716

Request Chain 206

https://x.dlx.addthis.com/e/live_intent_sync?na_exid= HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y

Request Chain 208

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Request Chain 210

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=no-consent HTTP 303
https://i6.liadm.com/s/35758?bidder_id=2380&bidder_uuid=no-consent

241 HTTP transactions
43 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Redirect Chain

https://api.secondstreetapp.com/m_c_t/32353722/190223998
http://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

135 KB
37 KB

664ms
337ms

Document
text/html

199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b53994453d24b8c3f71f9479c6af11650bbcc8cae3a30a48285cefe0a253c0be

Request headers

Host: usatoday.secondstreetapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: .Stackify.Rum=1515a875-4020-433b-8f29-dc23e847c6eb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-StackifyID: V2|b979da76-ed4b-4585-aad8-e1fd0b56dfab|C69601|CD15
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-SS: 83
X-Powered-By: ASP.NET
Date: Wed, 19 May 2021 13:30:47 GMT
Content-Length: 37296
Set-Cookie: .Stackify.Rum=b979da76-ed4b-4585-aad8-e1fd0b56dfab; path=/; Httponly; Secure

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Server: Microsoft-IIS/10.0
X-StackifyID: V2|1515a875-4020-433b-8f29-dc23e847c6eb|C69601|CD15
X-SS: 83
X-Powered-By: ASP.NET
Date: Wed, 19 May 2021 13:30:46 GMT
Content-Length: 187
Set-Cookie: .Stackify.Rum=1515a875-4020-433b-8f29-dc23e847c6eb; path=/; Httponly

GET
H2 200 2254404b5aa371829c5b7d2.js Show response
cdn.rlets.com/capture_configs/d7e/b29/8c4/ 165 KB
42 KB 64ms
13ms Script
text/javascript 2600:9000:2156:4600:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_configs/d7e/b29/8c4/2254404b5aa371829c5b7d2.js
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4600:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f3707832e6eddeaeb5d4887aa099043a48bd79785bd67e428503835d86724d8

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 06:08:42 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 04:05:03 GMT
server: AmazonS3
age: 26526
etag: W/"87943fb68a811b37da9233ebca369bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ESeInO53YF6NEEjr900Ji-uvlA45dpKXtBOBo5UDfmJJu10_Yod-wg==

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 505 B
721 B 23ms
6ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7fbf2d6d7c216dc02e3ce82f157524b829a377018648ccb14cc994ab2242307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2967403
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 258
referrer-policy: origin-when-cross-origin
last-modified: Wed, 14 Apr 2021 07:25:02 GMT
date: Wed, 19 May 2021 13:30:47 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gallium.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 11 KB
4 KB 227ms
138ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f16dbe23bd8fbde489ab6a9dd3cea0a923de345292054587b8304e675b8cd8bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 1998
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3450
x-served-by: cache-bwi5139-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.263925,VS0,VE94
etag: "9d4cfa8b4479f0101a58ee3de131cec1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 custom-elements-es5-adapter.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 938 B
913 B 134ms
46ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 46620
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 493
x-served-by: cache-bwi5122-BWI, cache-fra19154-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.263788,VS0,VE2
etag: "8af5f1900788253d8384715a01425ab7"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 story.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/ 477 KB
114 KB 231ms
142ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

65c32ce952673b7f05df39db8597340ef7ce06c97521c4ed1865f9fff4d7b391

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 873
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 116516
x-served-by: cache-bwi5133-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.264029,VS0,VE98
etag: "319ad865b3ccee4ab9d3a069d912ba7a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 webcomponents-loader.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 4 KB
2 KB 44ms
44ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 46620
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1524
x-served-by: cache-bwi5125-BWI, cache-fra19154-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.312302,VS0,VE2
etag: "596ad3dc06dfb78ecdc6bcee1d653f04"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 storage.html Show response
d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com/static/ Frame 1554 2 KB
3 KB 627ms
206ms Document
text/html 52.88.195.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d7e/b29/8c4/2254404b5aa371829c5b7d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.195.36 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b2c12be7a226d95f29187c58c8878d9c4238d0a946a31b2bdb85f231a6e5891c

Request headers

:method: GET
:authority: d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com
:scheme: https
:path: /static/storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usatoday.secondstreetapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usatoday.secondstreetapp.com/

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-type: text/html
content-length: 2464
last-modified: Thu, 06 May 2021 18:33:58 GMT

GET
H2 200 UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 17 KB
18 KB 160ms
160ms Font
binary/octet-stream 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1019
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17876
x-served-by: cache-bwi5130-BWI, cache-fra19128-FRA
server: AmazonS3
x-timer: S1621431047.319603,VS0,VE94
etag: "eec61fc37ea7dff16e6503e33ab66949"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/ 2 KB
2 KB 45ms
43ms Image
image/svg+xml 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/logo-default.svg
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=NfvTuA==, md5=rixp6c7I+EFcD/KrijDFlQ==
date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1731629
x-amz-meta-goog-reserved-file-mtime: 1521817516
x-guploader-uploadid: ABg5-UzPf2MVdsbOxBTbvfN1fgjHJFCJxqfKJXqiqwkT-Ope_VzcHt1SuloyNQmTQyEVaIUXc_r6_9dF70jIu1X9VbY
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 1052
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5125-BWI, cache-fra19154-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Mon, 18 Feb 2019 22:02:27 GMT
server: UploadServer
x-timer: S1621431047.342085,VS0,VE0
etag: "ae2c69e9cec8f8415c0ff2ab8a30c595"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 29 Apr 2021 12:30:18 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H/1.1 200
OK embed.js Show response
embed-795757.secondstreetapp.com/Scripts/dist/ 64 KB
19 KB 483ms
149ms Script
application/javascript 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/Scripts/dist/embed.js
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 90eba6c6a5dbcb6da1affe765616b01d288c4cbe4045cfd0a7b715229b057aba

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:47 GMT
Content-Encoding: gzip
ETag: "04214b3ec3fd71:0"
Last-Modified: Mon, 03 May 2021 07:19:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 79
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 18769

GET
H2 200 icon-instagram_24.png
www.gannett-cdn.com/appservices/universal-web/universal/icons/ 1 KB
2 KB 46ms
44ms Image
image/webp 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/appservices/universal-web/universal/icons/icon-instagram_24.png
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ee14ab9c91eaa98c77adab568df55da8db6fe9aa701e9a869506c3732cea15e

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7Zl2A==, md5=jsIx6sz1jM5jkVlnRj//9g==
x-amz-meta-goog-reserved-posix-uid: 1001
via: 1.1 varnish, 1.1 varnish
etag: "/L0xKU3vkCKirp9KYAZTZpu24jIFXk7C60eR67+OxAk"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1646751
x-amz-meta-goog-reserved-file-mtime: 1488574391
x-guploader-uploadid: ABg5-Uwe0GzCwtKxRU6rCdlHfEWQfnWEgscx7aUObOQo7r9Y7b6pUYaQ8-fO28yKiRHje50mbKaZkvuhZ7z6-CUs7mE
x-cache: HIT, HIT
fastly-io-info: ifsz=1483 idim=24x24 ifmt=png ofsz=1282 odim=24x24 ofmt=webp
x-goog-storage-class: NEARLINE
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
fastly-stats: io=1
content-length: 1282
x-served-by: cache-bwi5137-BWI, cache-fra19154-FRA
x-amz-meta-goog-reserved-file-atime: 1498140858
x-amz-meta-goog-reserved-posix-mode: 775
server: UploadServer
x-timer: S1621431047.342631,VS0,VE0
date: Wed, 19 May 2021 13:30:47 GMT
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-goog-reserved-posix-gid: 1003
expires: Fri, 30 Apr 2021 12:04:56 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1238

GET
H2 200 webcomponents-hi.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 11 KB
4 KB 132ms
132ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 888
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3650
x-served-by: cache-bwi5146-BWI, cache-fra19154-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.359114,VS0,VE89
etag: "2e02d950c1c199919a375acfd1fbc108"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 partner.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 66 KB
15 KB 140ms
139ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

989ddb1b96ee4dd0e5b65c9f00f23d8a56a1c482dc4d17ab67bae6d488eac238

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 4360
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 14873
x-served-by: cache-bwi5132-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.411912,VS0,VE91
etag: "daa66e733a9b33461d99def5a92f8029"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 5, 0

GET
H2 200 utils.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 16 KB
5 KB 139ms
139ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6be084013be9114131db05e43e8a6875b2eaff5b66139814b6ca572b6170e5d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 134
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4540
x-served-by: cache-bwi5137-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431047.411894,VS0,VE91
etag: "d84466c34486fbc3558ab4c97ecda859"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H/1.1 200
OK Cookie set / Show response
embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/ Frame 3305 2 KB
2 KB 161ms
161ms Document
text/html 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/

Requested by

Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/Scripts/dist/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),

Reverse DNS

199-19-89-15.secondstreetmedia.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ba904795e6503e927b1278273f247b7eea39599a9ee2f0c51903d96dd870c33c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.secondstreetapp.com http://embed.secondstreetapp.com http://GateHouseMediaInc.secondstreetapp.com http://root.secondstreetapp.com http://tripology.secondstreetapp.com http://usatoday.secondstreetapp.com http://usatoday.upickem.net https://.secondstreetapp.com https://sportsawards.usatoday.com https://www.facebook.com

Request headers

Host: embed-795757.secondstreetapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://usatoday.secondstreetapp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usatoday.secondstreetapp.com/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-StackifyID: V2|0e2d99db-c1c8-471e-8517-2858461391ca|C69601|CD12
X-AspNetMvc-Version: 5.2
Content-Security-Policy: frame-ancestors http://*.secondstreetapp.com http://embed.secondstreetapp.com http://GateHouseMediaInc.secondstreetapp.com http://root.secondstreetapp.com http://tripology.secondstreetapp.com http://usatoday.secondstreetapp.com http://usatoday.upickem.net https://*.secondstreetapp.com https://sportsawards.usatoday.com https://www.facebook.com
X-AspNet-Version: 4.0.30319
X-SS: 79
X-Powered-By: ASP.NET
Date: Wed, 19 May 2021 13:30:47 GMT
Content-Length: 1184
Set-Cookie: .Stackify.Rum=0e2d99db-c1c8-471e-8517-2858461391ca; path=/; Httponly; Secure

GET
H2 200 UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 16 KB
16 KB 132ms
132ms Font
binary/octet-stream 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1514
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 16620
x-served-by: cache-bwi5126-BWI, cache-fra19128-FRA
server: AmazonS3
x-timer: S1621431048.867566,VS0,VE89
etag: "3813aba0274244941c060a0cba29c5a2"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 3, 0

GET
H2 200 universal.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/ 25 KB
5 KB 139ms
139ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/universal.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

412d225480e1d94394ffc47ef625f253babd2fdd7a75c687989965fa64895bed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 131
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5502
x-served-by: cache-bwi5126-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.897309,VS0,VE96
etag: "072e0ac3d5309e6b58d8c9490242f992"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 polymer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
703 B 138ms
138ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:47 GMT
content-encoding: gzip
age: 1988
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 566
x-served-by: cache-bwi5145-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.897207,VS0,VE95
etag: "59e5636d674dc205ed0f95606d4ad938"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 3, 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 165ms
55ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

89fe83e17028718a46d1385651c9927392cbedb70b692e70c0d87a2fe0174041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "876 / 422 of 1000 / last-modified: 1621422696"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21268
x-xss-protection: 0
expires: Wed, 19 May 2021 13:30:48 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid_v3l/ 6 KB
3 KB 153ms
46ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid_v3l/config.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bf18a67091315f0ff905457dd306fe123379fbbf13b0b312e630d5f94d2489f

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:48 GMT
Content-Encoding: gzip
Age: 2683
X-Cache: HIT
Connection: keep-alive
Content-Length: 2056
x-amz-id-2: zQqtfpdXGX2D2D/xGIUn9otFGblMOUePLuz2+fvRPIM6Z1ek/pajYvDM798bgWYyyXRpSB+a0r8=
X-Served-By: cache-hhn4065-HHN
Last-Modified: Wed, 19 May 2021 11:17:37 GMT
Server: AmazonS3
X-Timer: S1621431048.017521,VS0,VE0
ETag: "27058fbfcf4e616a5937be9290b1ed7c"
x-amz-request-id: 14V065R8Y5ZYD4HA
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 45

GET
H2 200 adx Show response
securepubads.g.doubleclick.net/gampad/ 13 B
775 B 187ms
82ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/adx?iu=%2F7103%2Fswg%2Fpts_usatoday&sz=1x1&ref=&cookie=null&c=698966089182699&tile=1&u_tz=120

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

1c8bbf82d3d618b11ecbfff6de665868bf8cc15f2b31e02dbb7b5f3236b7514a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17
x-xss-protection: 0
google-lineitem-id: 4882357635
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138253420736
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 132ms
44ms Script
application/javascript 13.32.25.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 23:57:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 308005
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: V0gwPac96R8zOJCu-pb7zGmq3QhZkY1K4CI_JmeXmtnoLrzAR3-JOA==

GET
H2 200 10 Show response
api.gannett-cdn.com/thorium/popular/USAT/ 19 KB
5 KB 243ms
133ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/USAT/10?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&searchtype=socialReferrals

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

b4fd13be1430a46a27342c22fd60a36ea8f09a36517697b0e3475a4b9daaf622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, HIT, MISS
access-control-max-age: 3628800
content-encoding: gzip
content-length: 4591
x-served-by: cache-bwi5043-BWI, cache-bwi5149-BWI, cache-hhn4046-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Wed, 19 May 2021 13:30:48 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1621431048.033437,VS0,VE87
fam-ttl: 120.000
x-cache-hits: 0, 2, 0

GET
H2 200 / Show response
api.gannett-cdn.com/argon/navigation/3805/top_nav_primary/ 13 KB
3 KB 156ms
46ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/argon/navigation/3805/top_nav_primary/?apiKey=f6YYPA1hPnB9Y9chky5GOmrZKmaguLVh

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

f34c58477f3e6c6dba8fe9b6e2e15a75a2a7994f9a38708b62b5c9702ad19fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 5434
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 2458
x-served-by: cache-bwi5031-BWI, cache-bwi5145-BWI, cache-hhn4046-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Wed, 19 May 2021 13:30:48 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1621431048.033383,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 126 KB
34 KB 43ms
43ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ab0e2ccf006a37a8b9d426e1847e9dd2f04bdd2f20b728d99959da707b76796

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RgkZpA==, md5=I9WKJFtiRLX4wCcJVIEOnQ==
date: Wed, 19 May 2021 13:30:47 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 99
x-amz-meta-goog-reserved-file-mtime: 1621372098
x-guploader-uploadid: ABg5-Uw2X1EsZ8nxLk9zLkWCpdyCSTF-3u7DHWc3Hhp95_OiOuWGHDGTm7n3Ztb9omi5QOFjgW2HRx-cC-s_WI54fMEZVu0J2w
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-encoding: br
content-length: 34119
x-served-by: cache-bwi5139-BWI, cache-fra19154-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Tue, 18 May 2021 21:08:37 GMT
server: UploadServer
x-timer: S1621431048.936399,VS0,VE0
etag: "23d58a245b6244b5f8c0270954810e9d"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 19 May 2021 10:59:05 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 3

GET
H2 200 / Show response
api.gannett-cdn.com/thorium/breaking-news/ 56 B
231 B 216ms
135ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/breaking-news/?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&site-code=USAT

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 110
x-cache: MISS, HIT, MISS
access-control-max-age: 3628800
content-encoding: gzip
content-length: 65
x-served-by: cache-bwi5065-BWI, cache-bwi5151-BWI, cache-hhn4046-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Wed, 19 May 2021 13:30:48 GMT
vary: accept-encoding,Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-timer: S1621431048.033575,VS0,VE89
fam-ttl: 300.000
x-cache-hits: 0, 1, 0

GET /
user.usatoday.com/USAT-GUP/user/ 0
0

GET
H2 200 UnifySans_W_Bd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 18 KB
18 KB 138ms
137ms Font
binary/octet-stream 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Bd.woff2

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 592
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17984
x-served-by: cache-bwi5151-BWI, cache-fra19128-FRA
server: AmazonS3
x-timer: S1621431048.975768,VS0,VE94
etag: "79f7fee52a3077ef23d7fb327d25836a"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 USAT-TEALIUM-UW.json Show response
www.gannett-cdn.com/dcc/prod/ 44 KB
5 KB 45ms
43ms XHR
application/json 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dcc/prod/USAT-TEALIUM-UW.json
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b595c3d94da86f267479f97c910caef07f8642830988f401fd005ea3e74a002c

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=9RlWmQ==, md5=Mlxvsgcue9Ar/NWyGJi4ow==
date: Wed, 19 May 2021 13:30:48 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 221
x-amz-meta-goog-reserved-file-mtime: 1621352202
x-guploader-uploadid: ABg5-UyRhuC0TTZsuCIAKbkYOKOWsxRA1dvcoCKT4Rko7R96AM4OvJ2n47YW5NRl3UFvhkZqsJYxeB7mVHYF_0W970XW-YlhGQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-encoding: br
content-length: 4869
x-served-by: cache-bwi5166-BWI, cache-fra19128-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Tue, 18 May 2021 15:42:07 GMT
server: UploadServer
x-timer: S1621431048.086792,VS0,VE0
etag: "325c6fb2072e7bd02bfcd5b21898b8a3"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
expires: Wed, 19 May 2021 02:06:19 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3

GET
H2 200 legacy-element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 37 KB
10 KB 148ms
136ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/legacy-element-mixin.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 2422
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9579
x-served-by: cache-bwi5136-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.107897,VS0,VE92
etag: "e182a618aa069c09654ed09ef890b38f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 polymer-fn.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 2 KB
913 B 141ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer-fn.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 130
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 788
x-served-by: cache-bwi5127-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.107882,VS0,VE91
etag: "f69a78f7e6b1f490c8a66bdfeed9b755"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 templatizer-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 6 KB
2 KB 140ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/templatizer-behavior.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 130
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2150
x-served-by: cache-bwi5149-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.107867,VS0,VE90
etag: "5108bed49f7d2059e843190568827c78"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 dom-bind.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 6 KB
2 KB 140ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-bind.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 130
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2102
x-served-by: cache-bwi5127-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.108129,VS0,VE91
etag: "b4a48e966b782a29f9eb97504fbd2534"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 dom-repeat.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 26 KB
8 KB 139ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-repeat.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 129
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 8310
x-served-by: cache-bwi5149-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.108098,VS0,VE90
etag: "637b0dc7b05af8208e9feec11b1820b8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 dom-if.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 10 KB
4 KB 143ms
139ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-if.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 129
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3950
x-served-by: cache-bwi5137-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.108085,VS0,VE97
etag: "af73511b80cee1662a0de4cc9dff63d1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 array-selector.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 14 KB
4 KB 141ms
137ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/array-selector.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1389
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3976
x-served-by: cache-bwi5139-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.108094,VS0,VE93
etag: "a1595b639d74f3050eb026b41a74091a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 custom-style.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 5 KB
2 KB 140ms
136ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/custom-style.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 130
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2149
x-served-by: cache-bwi5138-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.108087,VS0,VE93
etag: "fcbc04a6dd50b1732b8fc9eb59e7a0af"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 mutable-data-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 7 KB
2 KB 136ms
133ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/mutable-data-behavior.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 2575
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1897
x-served-by: cache-bwi5141-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.108457,VS0,VE89
etag: "196d340215322974470d1fa62c847bad"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 3, 0

GET
H2 200 html-tag.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 5 KB
2 KB 142ms
140ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/html-tag.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 129
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1878
x-served-by: cache-bwi5127-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.111850,VS0,VE93
etag: "80e4a3f100498961955505681bfd17b9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

OPTIONS
H/1.1 200
OK insights
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ Frame 0
0 543ms
179ms Preflight
text/plain 34.75.237.118
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights
Protocol: HTTP/1.1
Server: 34.75.237.118 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://usatoday.secondstreetapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-type: text/plain
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, PATCH
access-control-expose-headers
access-control-max-age: 1728000
access-control-allow-headers: content-type
x-envoy-upstream-service-time: 35
server: envoy
transfer-encoding: chunked

POST
H/1.1 200
OK insights Show response
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ 0
541 B 147ms
147ms XHR
text/plain 34.75.237.118
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.75.237.118 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-content-type-options: nosniff
transfer-encoding: chunked
x-envoy-upstream-service-time: 6
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 58507582-dff1-435c-a0e9-3b6b47080e88
x-runtime: 0.003248
server: envoy
x-frame-options: SAMEORIGIN
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache

GET
H2 200 iasADX.js Show response
static.adsafeprotected.com/ 12 KB
4 KB 415ms
65ms Script
application/javascript 34.249.39.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasADX.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: df9aa20a3dc2c29281028c2a8714d61048ac869232e9c25abc2736a0e944a998

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 17:10:12 GMT
server: nginx/1.16.1
age: 252125
etag: W/"4690977459fac18531cecf0d0078b94d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H2 200 icon
fonts.googleapis.com/ Frame 3305 568 B
461 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 May 2021 13:30:48 GMT
server: ESF
date: Wed, 19 May 2021 13:30:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 May 2021 13:30:48 GMT

GET
H/1.1 200
OK consumer_sweepstakes-f28d6e1cebac1d7100053e082d8deb50.css
embed-795757.secondstreetapp.com/assets/CSS/ Frame 3305 93 KB
16 KB 154ms
152ms Stylesheet
text/css 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/assets/CSS/consumer_sweepstakes-f28d6e1cebac1d7100053e082d8deb50.css
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3877e7cb23b8db0dfe8ad3d252911aa8fbbb79488878c528005421bb677621e7

Request headers

Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:47 GMT
Content-Encoding: gzip
ETag: "015e3b1ec3fd71:0"
Last-Modified: Mon, 03 May 2021 07:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 79
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 16547

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3305 3 KB
2 KB 16ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34743a016a9a2f87611c865a3a9f5d86f79a37ba115db3e6981ffb59cf164973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: R1+ziQgnm3mQbVF2xfw+BQ==
cross-origin-resource-policy: cross-origin
expires: Wed, 19 May 2021 13:40:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: T0wsz3sZL73nUOyXYIt9i0vYXYWJ5uQRCV35uRQhjNk4To8viPX4yrumEy4BkdFrgCeSOpRgoncS8x83VG7/ug==
x-fb-trip-id: 1709462857
x-fb-content-md5: 44621f76dc9109fb014ef9208dc68d56
date: Wed, 19 May 2021 13:30:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d1881fb2e372bda9e1fb1fe93051abaa"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK vendor-ab1d624f49c33e5e140d024e7cdad20e.js Show response
embed-795757.secondstreetapp.com/assets/ Frame 3305 2 MB
373 KB 311ms
149ms Script
application/javascript 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ee6a1d1fc24ccb9331d1c72c37f6b9868845bb8de242f7f35de68d2fa19d3e80

Request headers

Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:47 GMT
Content-Encoding: br
ETag: "015e3b1ec3fd71:0"
Last-Modified: Mon, 03 May 2021 07:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 79
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 381204

GET
H/1.1 200
OK consumer-sweepstakes-69a8adc10a6df4a070b8947229aecd3e.js Show response
embed-795757.secondstreetapp.com/assets/ Frame 3305 439 KB
70 KB 451ms
150ms Script
application/javascript 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/assets/consumer-sweepstakes-69a8adc10a6df4a070b8947229aecd3e.js
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb60ef80ac206612ba998d86105363d47262227a6fff6eb15f8521542f818b04

Request headers

Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:48 GMT
Content-Encoding: gzip
ETag: "015e3b1ec3fd71:0"
Last-Modified: Mon, 03 May 2021 07:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 113
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 71793

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt_v3l/202105171519/ 101 KB
33 KB 50ms
49ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt_v3l/202105171519/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid_v3l/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a318fb82dbfa52908b72a4718472aeeaa8913b713bf2f4140b523fa78913f46

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:48 GMT
Content-Encoding: gzip
Age: 772
X-Cache: HIT
Connection: keep-alive
Content-Length: 32811
x-amz-id-2: TkA9iDCqaDBLG4yY82rBn9svYMvbzWsvGEH6zHSO6Mo8bw8MWgEliSNGNnhv/jm1oy4l+En8+1M=
X-Served-By: cache-hhn4065-HHN
Last-Modified: Mon, 17 May 2021 19:20:53 GMT
Server: AmazonS3
X-Timer: S1621431048.143190,VS0,VE0
ETag: "da03f0b6f7fb6caaef2db82695560637"
x-amz-request-id: Q8CG7TJR70CR99QC
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 121

GET
H3-29 200 pubads_impl_2021051701.js Show response
securepubads.g.doubleclick.net/gpt/ 308 KB
108 KB 118ms
60ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 00:12:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
expires: Wed, 19 May 2021 13:30:48 GMT

GET
H2 200 UnifySerif_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 20 KB
20 KB 141ms
140ms Font
binary/octet-stream 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySerif_W_Rg.woff2

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://usatoday.secondstreetapp.com
Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 20664
x-served-by: cache-bwi5139-BWI, cache-fra19128-FRA
server: AmazonS3
x-timer: S1621431048.176745,VS0,VE97
etag: "b7f3cbc37e81dca80a0ddc3a6da81245"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 mutable-data.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 137ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/mutable-data.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 871
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2938
x-served-by: cache-bwi5149-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.254373,VS0,VE93
etag: "05940a4653c18c7be3a3ba99f347399f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 polymer-element.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
821 B 133ms
133ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer-element.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 690
x-served-by: cache-bwi5145-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.262260,VS0,VE90
etag: "28a69955a42d52a754d86372a315c278"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 templatize.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 25 KB
8 KB 136ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/templatize.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7544
x-served-by: cache-bwi5136-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.264326,VS0,VE92
etag: "2be0b54f4f601653616444827efb1bd3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 debounce.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 132ms
131ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/debounce.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1692
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1639
x-served-by: cache-bwi5127-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.264438,VS0,VE89
etag: "cf0a53fd3761cf764a0fc5fbc8e63ce3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 flush.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
865 B 141ms
140ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flush.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 723
x-served-by: cache-bwi5147-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.264472,VS0,VE96
etag: "e006b92de5a57141c12c7391366b1f80"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 class.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 19 KB
6 KB 137ms
137ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/class.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 6083
x-served-by: cache-bwi5126-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.267373,VS0,VE92
etag: "d81a318152a45625200636de2f23065e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 boot.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 132ms
131ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/boot.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1987
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1030
x-served-by: cache-bwi5121-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.276993,VS0,VE89
etag: "3baffbfb6ca8cfe5930d91fcb388b077"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 property-effects.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 99 KB
25 KB 136ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-effects.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 25739
x-served-by: cache-bwi5133-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.277355,VS0,VE91
etag: "450f1e748a1b9f8db370847325ef559d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 gesture-event-listeners.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 5 KB
2 KB 137ms
136ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/gesture-event-listeners.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1652
x-served-by: cache-bwi5137-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.277627,VS0,VE94
etag: "81aec249ab16ecd66d87185d1af24db5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 apply-shim.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 555 B
449 B 138ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1511
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 320
x-served-by: cache-bwi5138-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.283184,VS0,VE93
etag: "75f54922d2507d0c43bdf946149c38b1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 31 KB
9 KB 143ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/element-mixin.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 122
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9312
x-served-by: cache-bwi5144-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.283689,VS0,VE94
etag: "06d1ac177cb051cec8015d7380f651e1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 dir-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 7 KB
3 KB 143ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/dir-mixin.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2583
x-served-by: cache-bwi5144-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.283661,VS0,VE95
etag: "7b05eec04633200f3f7f2fd916cc3886"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 144ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/mixin.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 122
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1003
x-served-by: cache-bwi5140-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.291162,VS0,VE90
etag: "6a6416522b85e5f0febd7a1dde74b24a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 import-href.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
2 KB 147ms
137ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/import-href.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 2911
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1503
x-served-by: cache-bwi5151-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.292275,VS0,VE95
etag: "b683689a8b2889b362fe6bd8e688d820"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 3, 0

GET
H2 200 render-status.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 145ms
136ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/render-status.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1242
x-served-by: cache-bwi5125-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.292605,VS0,VE94
etag: "ceba86ff1e6d164821527d112d1893ee"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 unresolved.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 867 B
600 B 144ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/unresolved.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 465
x-served-by: cache-bwi5141-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.292586,VS0,VE92
etag: "39488a6f062edf87128458154f8d385d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 polymer.dom.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 11 KB
4 KB 135ms
133ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer.dom.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 793
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3648
x-served-by: cache-bwi5151-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.292881,VS0,VE89
etag: "5c6f8ed3d9de31616650d0749dd15004"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 custom-style-interface.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 567 B
469 B 135ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 128
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 326
x-served-by: cache-bwi5146-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.293315,VS0,VE90
etag: "ceb0842ff6c53d8d13d6cf2345f41490"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 style-gather.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 9 KB
3 KB 135ms
133ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/style-gather.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 128
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2463
x-served-by: cache-bwi5151-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.293275,VS0,VE89
etag: "69dbd531aa8cfa3ce4d98be353c255b9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 array-splice.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 8 KB
3 KB 135ms
134ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/array-splice.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 121
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2909
x-served-by: cache-bwi5134-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.293262,VS0,VE92
etag: "938a97f298390ce029cece727c84d823"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
217 B 253ms
75ms Image
image/gif 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app31.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 3305 95 KB
29 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6712)
Age: 1076
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3305 213 KB
63 KB 30ms
15ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0d665d8a0fbb4888ecfac0d7111be901&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe3708328bf4e1d00e816c2d95f99e6774a2465ff8363a8f387d16b1c7e8ebd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://embed-795757.secondstreetapp.com
Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TYyYwCQh1cgj+KvKjZF/Sg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64595
x-fb-rlafr: 0
x-fb-debug: MARrxXAC9FLauQfoT4EBY1brIBvg88G68NEyAWvqlVgc/R7H+xJLBs5Qh2bOh/3V7F6NBd3QecNtJaeDxyDU3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 450deca73acfdbae358db57dc9168917
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 19 May 2021 13:30:48 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "95baa1cd0541f348ac68cae7c38e573e"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 13:09:26 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 271 B
512 B 223ms
93ms XHR
application/json 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-leaderboard-atf-0-container,ss:%5B728.90%5D,p:/7103/usatoday/leaderboard_atf-partner_secondstreet,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c&url=https%253A%252F%252Fusatoday.secondstreetapp.com%252FBetMGM-Vegas-Playoff-Sweepstakes%252F
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 90eb8dc338f3e4ee58277264b969b9d45a7e8c395fc48d288c3a278ad90b0724

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app36.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 258 B
498 B 198ms
70ms XHR
application/json 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-leaderboard-btf-1-container,ss:%5B728.90%5D,p:/7103/usatoday/leaderboard_btf-partner_secondstreet,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c&url=https%253A%252F%252Fusatoday.secondstreetapp.com%252FBetMGM-Vegas-Playoff-Sweepstakes%252F
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eccfd283fdedc03a9f51b302acd02f26c53e14a1c525410fcc146df28729e0f7

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 302 B
543 B 220ms
93ms XHR
application/json 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-2-container,ss:%5B300.250,300.600%5D,p:/7103/usatoday/poster-partner_secondstreet,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c&url=https%253A%252F%252Fusatoday.secondstreetapp.com%252FBetMGM-Vegas-Playoff-Sweepstakes%252F
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ae50ece6963c07c0442607c44a08eedf62357305a3052fabe6ec71b7ef67b4c

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app19.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 297 B
538 B 196ms
70ms XHR
application/json 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-3-container,ss:%5B300.250,300.600%5D,p:/7103/usatoday/poster-partner_secondstreet,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c&url=https%253A%252F%252Fusatoday.secondstreetapp.com%252FBetMGM-Vegas-Playoff-Sweepstakes%252F
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 674f27a57710c4edb77ae46d8006638b8f382ffeba71ab81d7f7be65bea6afc6

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app16.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 297 B
538 B 197ms
72ms XHR
application/json 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-4-container,ss:%5B300.250,300.600%5D,p:/7103/usatoday/poster-partner_secondstreet,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c&url=https%253A%252F%252Fusatoday.secondstreetapp.com%252FBetMGM-Vegas-Playoff-Sweepstakes%252F
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 07882397107d8464d6bf241369160426df81eacbfca30b4f8d07229a3719b701

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app27.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 349 B
590 B 194ms
69ms XHR
application/json 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-scroll-5-container,ss:%5B300.250,300.600%5D,p:/7103/usatoday/poster_scroll-partner_secondstreet,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7cb70cbc-297a-de42-4a2d-cfb6c16bdc6c&url=https%253A%252F%252Fusatoday.secondstreetapp.com%252FBetMGM-Vegas-Playoff-Sweepstakes%252F
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cf218f4d9269df8196d52365de92f37f291778b7d03fe3dd50b19a4e8cbf66bc

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
x-server-name: app02.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 suual7uwr.js Show response
cdn.krxd.net/controltag/ 37 KB
11 KB 149ms
46ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/suual7uwr.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 97506b431fd2f5f432b30d76fab0adfc2a2b1f9fbc6f7a56895a516bbb96f017

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 19 May 2021 13:30:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 546
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 10636
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5140-BWI, cache-fra19156-FRA
x-response-time: 1
x-do-esi: esi
x-timer: S1621431049.567191,VS0,VE0
etag: "e7912be242154c67a4c59dbf22823985a5b5302e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 4

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 167ms
54ms Script
application/javascript 99.86.242.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-117.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:06:45 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1444
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: NwQee7TM4jWWXUboNUfhAbyl08-SMCQnN-o66YLNT-JH09_gR3tuAA==

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 10 KB
3 KB 201ms
52ms Script
text/javascript 143.204.97.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=d987ab8b-f962-42cf-a0eb-81c187032d94
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-28.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3167e516e4093b233cb2095a7e5039e3f86bd461b39ac59976b51e5906d2f3c6

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 07:13:20 GMT
content-encoding: gzip
accept-charset: UTF-8
server: Server
age: 22648
x-amz-rid: CTK2863KRZ40PQ4N6N2M
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OT1qmHW6WKSrAzWlvvqYoAj1aHxiOzX7MC6dD2EJ05cotUt4c3K5aQ==
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)

GET
H2 200 p.js Show response
cdn.parsely.com/keys/usatoday.com/ 71 KB
25 KB 164ms
56ms Script
application/x-javascript 143.204.103.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/usatoday.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 18 May 2021 18:26:08 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 14:30:41 GMT
server: nginx
age: 76524
etag: W/"609be691-11d9d"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7Oy-8LEUiCEZrZiIlqUhkaDDZrHTyUaq3R9N3EJj37C79z0-8o-dsQ==
expires: Wed, 19 May 2021 16:15:24 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
44 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2297
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44829
x-xss-protection: 0
expires: Wed, 19 May 2021 13:42:31 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 168ms
61ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 7512236244504453440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 May 2021 13:30:48 GMT

GET
H2 200 a-01aa.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 36ms
10ms Script
application/javascript 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01aa.min.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cac94dfb0a22bcd2ed4e91a606831646afb82c8e4cfaa5bdcce9c47db8473ba5

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:35:16 GMT
etag: "e0b6b418203ea15f8f6f42430a412429"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=234
accept-ranges: bytes
content-length: 9831

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-xss-protection: 0
pragma: public
x-fb-debug: naxyYYVg6z0dwP5Hx03YaRJfjORzLoBrAIQe9FZtWFXj0oGjXiJ9YYKUyTqC1cMa/MeN7Dd2EVMVm1Bd3RG5Vg==
x-frame-options: DENY
date: Wed, 19 May 2021 13:30:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 12 KB
5 KB 275ms
62ms Script
text/plain 54.228.170.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT%E2%80%90N2B92%E2%80%903EB

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.170.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8c5f4006b343f0b4aeebff7cdc5fde3ab0ec012aa124c3457e3ce326a15f72f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Apr 2021 06:55:44 GMT
Server: nginx
ETag: "6073eef0-1110"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 4368
X-XSS-Protection: 1; mode=block
Expires: Thu, 20 May 2021 13:30:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 52
date: Wed, 19 May 2021 13:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 19 May 2021 15:29:56 GMT

GET
H2 200 collect.js Show response
10870841.collect.igodigital.com/ 9 KB
2 KB 442ms
136ms Script
application/javascript 54.208.116.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10870841.collect.igodigital.com/collect.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.116.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 20:06:18 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 async.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 6 KB
2 KB 141ms
140ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/async.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1666
x-served-by: cache-bwi5150-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.482723,VS0,VE97
etag: "a132e7f672cffc216d420d202cf26b14"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 gestures.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 27 KB
8 KB 137ms
136ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/gestures.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 2565
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7889
x-served-by: cache-bwi5132-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.488841,VS0,VE93
etag: "ab9b79dd0eccf903828ccc487b6b1c05"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 4, 0

GET
H2 200 settings.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 132ms
132ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/settings.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1503
x-served-by: cache-bwi5151-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.492148,VS0,VE90
etag: "15942810acd52ae2b0eb80847a8f5471"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 resolve-url.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 136ms
136ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/resolve-url.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1986
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1295
x-served-by: cache-bwi5123-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.492537,VS0,VE94
etag: "75c1476d2c704094aa9e0a2ad4fb8e1f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 dom-module.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 7 KB
3 KB 135ms
135ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-module.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1986
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2659
x-served-by: cache-bwi5120-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.493004,VS0,VE93
etag: "650e85c88657ad6543f5c6878e2a79fc"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 3, 0

GET
H2 200 properties-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 138ms
138ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-mixin.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3113
x-served-by: cache-bwi5138-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.492989,VS0,VE96
etag: "a6fa00d9cf48430838a3e13e02b2b3b8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 property-accessors.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 13 KB
5 KB 139ms
139ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-accessors.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4317
x-served-by: cache-bwi5145-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431048.494996,VS0,VE97
etag: "f784aae56fbe41ef5c3cafca76aaf990"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 flattened-nodes-observer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 10 KB
3 KB 133ms
132ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flattened-nodes-observer.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2997
x-served-by: cache-bwi5147-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.509113,VS0,VE90
etag: "33a1eb7852b67088b2381b83208022e4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 path.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 7 KB
2 KB 148ms
143ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/path.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 1554
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2048
x-served-by: cache-bwi5135-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.535635,VS0,VE89
etag: "9c50ebf02f5695e8e561d999a38130b5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 case-map.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
909 B 146ms
144ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/case-map.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 784
x-served-by: cache-bwi5126-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.535618,VS0,VE90
etag: "6c6b9837ece12100d4cf4ed763989b68"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 template-stamp.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 20 KB
6 KB 146ms
144ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/template-stamp.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 6028
x-served-by: cache-bwi5123-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.535606,VS0,VE90
etag: "c6a88631bee700a9d0ea4929ac7d7c94"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H3-29 200 1613278598987210 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 233ms
230ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1613278598987210?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c527183260771f06c68b304fd782f38f6acb706643241d8b5cd44b238e68747

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: HWpHmSFteJNQ8bHreIMmWPcJ7q99pVhHOwZxmR3kZjphplOM3sNV0nvFOlV33Q2xNkENj0YNF3xZ64iW2vm2kQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 19 May 2021 13:30:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00::210:bae8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01aa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bae8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 09:48:23 GMT
etag: "ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-amz-meta-version: 0.2.0
content-type: application/javascript
cache-control: max-age=364
accept-ranges: bytes
content-length: 2374

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 22ms
6ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 587
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Wed, 19 May 2021 14:11:01 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1260062133&t=pageview&_s=1&dl=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ul=en-us&de=UTF-8&dt=Betmgm%20Vegas%20Playoff%20Sweepstakes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEABEAAAAC~&jid=1218669910&gjid=657378958&cid=327134039.1621431049&tid=UA-166840762-3&_gid=45443016.1621431049&_r=1&_slc=1&cd58=betmgmplayoff&cd27=free&cd67=usatoday&cd41=6&cd162=A&cd95=McLean%2C%20VA&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd1=pageview&cd6=-120&cd64=null&cd4=1a6d4623-ced9-4e69-a87f-3bf5458e020d&cd14=0&cd72=&cd94=&cd5=3%3A30%20pm&cd9=&cd78=&cd106=&cd48=no&cd42=null&cd60=no%20story%20highlights&cd49=universal&cd2=gciAnalytics%3Aprod%3A0.132.0%3AUSAT-TEALIUM-UW&cd3=0.132.0&cd62=null&cd40=1&cd33=na&cd90=0&cd38=none&cd45=desktop&cd61=&cd25=&cd28=USAT&cd99=Gannett&cd68=VA&cd91=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&cd70=&cd71=&cd104=&cd93=cam-status%3Adisabled%2Ccam-experience-id%3Acontrol%2Creferer-group%3Aorganic%2Creferer-source%3Aorganic%2Cdevice-vendor%3Ageneric%2Cdevice-type%3Adesktop%2Cvariant-group%3A&cd160=null&cd159=&cd63=null&cd77=8872UT-E&cd154=&cd79=USAT-TEALIUM-UW&cd59=&cd30=cobrand&cd7=327134039.1621431049.31747685&cd44=327134039.1621431049&z=1660392880

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usatoday.secondstreetapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 132ms
131ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/telemetry.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 111
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 776
x-served-by: cache-bwi5151-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.665020,VS0,VE90
etag: "863322f656542c1dd71e0580cc5c6106"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 properties-changed.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 21 KB
6 KB 138ms
138ms XHR
text/html 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-changed.html

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 888
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5554
x-served-by: cache-bwi5141-BWI, cache-fra19128-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.665298,VS0,VE95
etag: "cb0b7819ecf4cbd8c49f86bdeb7b4803"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 47ms
46ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/suual7uwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 8413125
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1459540
content-length: 84451
x-served-by: cache-fra19156-FRA
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1621431049.689169,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-166840762-3&cid=327134039.1621431049&jid=1218669910&gjid=657378958&_gid=45443016.1621431049&_u=KHBAAEAAEAAAAC~&z=511566564

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 19 May 2021 13:30:48 GMT
content-type: text/plain
access-control-allow-origin: https://usatoday.secondstreetapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c2=6035223&templatetype=cobrand&category=&ns__t=1621431048674&ns_c=UTF-...
https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c2=6035223&templatetype=cobrand&category=&ns__t=1621431048674&ns_c=UTF...

64 B
331 B

70ms
68ms

Image
image/gif

99.86.242.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c2=6035223&templatetype=cobrand&category=&ns__t=1621431048674&ns_c=UTF-8&cv=3.5&c8=Betmgm%20Vegas%20Playoff%20Sweepstakes&c7=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c9=
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-117.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 4kKt9Cvg7NPcnBHbpT4ylVKpLVk1G_K3lWJA6KZylv4iy6vQuPQXew==

Redirect headers

date: Wed, 19 May 2021 13:30:48 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c2=6035223&templatetype=cobrand&category=&ns__t=1621431048674&ns_c=UTF-8&cv=3.5&c8=Betmgm%20Vegas%20Playoff%20Sweepstakes&c7=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&c9=
content-length: 358
x-amz-cf-id: mWDOdgkYZ0tSxABTxhfiawpO-N5U3i4QunYtFYXqTJhAaJAPUJ5-JA==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 539ms
135ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1621431048694&plid=92031230&idsite=usatoday.com&url=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userType%22%3A%22na%22%2C%22sevenDayReturn%22%3Afalse%7D&tagManager=gciAnalytics%3Aprod%3A0.132.0%3AUSAT-TEALIUM-UW&sid=1&surl=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&sref=&sts=1621431048683&slts=0&title=Betmgm+Vegas+Playoff+Sweepstakes&date=Wed+May+19+2021+15%3A30%3A48+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&urlRef=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&js=1&pvid=94901289&u=pid%3D5b606805ef103d8204e3d2eb20c40522
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 19-May-2021 13:30:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-01aa&wpn=lc-bundle&pu=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ext_gup_anonid=1a6d4623-ced9-4e69-a87f-3bf5458e020d&du...
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01aa&wpn=lc-bundle&pu=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ext_gup_anonid=1a6d4623-ced9-4e69-a87f-3bf5458e020d&d...

13 B
569 B

484ms
135ms

XHR
application/json

34.199.213.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01aa&wpn=lc-bundle&pu=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ext_gup_anonid=1a6d4623-ced9-4e69-a87f-3bf5458e020d&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&se=e30&dtstmp=1621431048699&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.213.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:49 GMT
x-pixel-event-id: bf8a39e3-bf7d-42f2-b87b-003a197d265e
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 87a03d1295d4b5f6

Redirect headers

date: Wed, 19 May 2021 13:30:48 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01aa&wpn=lc-bundle&pu=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&ext_gup_anonid=1a6d4623-ced9-4e69-a87f-3bf5458e020d&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&se=e30&dtstmp=1621431048699&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://usatoday.secondstreetapp.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 36658132d7cf164d
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
388 B 438ms
145ms XHR
application/json 52.94.243.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Server: Server
x-amz-rid: R1052EXMTC3FJ9K8336E
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://usatoday.secondstreetapp.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-166840762-3&cid=327134039.1621431049&jid=1218669910&_u=KHBAAEAAEAAAAC~&z=1903209871

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-166840762-3&cid=327134039.1621431049&jid=1218669910&_u=KHBAAEAAEAAAAC~&z=1903209871

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1621431048709&cv=9&fst=1621431048709&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&tiba=Betmgm%20Vegas%20Playoff%20Sweepstakes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63f799812a1b1a200f19bbd40387b8715d51c1186698104046fbe4062baf3525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/994302621/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994302621/?random=1621431048709&cv=9&fst=1621429200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&tiba=Betmgm%20Vegas%20Playoff%20Sweepstakes&async=1&fmt=3&is_vtc=1&random=2135940704&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/994302621/ 42 B
64 B 31ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/994302621/?random=1621431048709&cv=9&fst=1621429200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&tiba=Betmgm%20Vegas%20Playoff%20Sweepstakes&async=1&fmt=3&is_vtc=1&random=2135940704&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 custom-style-interface.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 3 KB
2 KB 135ms
135ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
age: 888
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1346
x-served-by: cache-bwi5151-BWI, cache-fra19154-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.835281,VS0,VE90
etag: "0bcf779c48ca31aad51499609f591fac"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 14ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1613278598987210&ev=PageView&dl=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&rl=&if=false&ts=1621431048859&cd[currency]=USD&cd[eventType]=%5B%22PageView%22%2C%22ViewContent%22%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1621431048857.40208101&it=1621431048542&coo=false&exp=l0&rqm=GET

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 19 May 2021 13:30:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 14ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1613278598987210&ev=ViewContent&dl=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&rl=&if=false&ts=1621431048863&cd[currency]=USD&cd[eventType]=%5B%22PageView%22%2C%22ViewContent%22%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1621431048857.40208101&it=1621431048542&coo=false&exp=l0&rqm=GET

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 19 May 2021 13:30:48 GMT

GET
H2 200 e88225a2-3b7b-45e3-9cc2-a3130b91f0db Show response
consumer.krxd.net/consent/get/ 235 B
427 B 169ms
72ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60e7f625414deaf6c019dddf9f1cdc61c01f77dea957f476b7ad2f907378bdb9

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:49 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-dub-prod.krxd.net, cache-fra19124-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1621431049.984427,VS0,VE26
content-length: 188
x-cache-hits: 0, 0

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/10870841/ 43 B
713 B 150ms
148ms Image
image/gif 54.208.116.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/10870841/track_page_view?payload=%7B%22category%22%3A%22%22%2C%22title%22%3A%22Betmgm%20Vegas%20Playoff%20Sweepstakes%22%2C%22url%22%3A%22https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%22email%22%3A%221a6d4623-ced9-4e69-a87f-3bf5458e020d%22%2C%22details%22%3A%7B%22BrandID%22%3A%228872UT%22%7D%7D%7D

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.116.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.009625
date: Wed, 19 May 2021 13:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 76ab1970-d615-4295-91e1-2ec2e2ac2986

GET
H2 401 update_item
nova.collect.igodigital.com/c2/10870841/ 43 B
354 B 144ms
142ms Image
image/gif 54.208.116.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/10870841/update_item?payload=%5B%7B%22author%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F%22%2C%22category%22%3A%22%22%2C%22name%22%3A%22%22%2C%22item_type%22%3A%22cobrand%22%2C%22item%22%3A0%7D%5D

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.116.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.003766
date: Wed, 19 May 2021 13:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 42e88c82-64fb-4ae6-bb50-a4e4aefac512

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 0143 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fembed-795757.secondstreetapp.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://embed-795757.secondstreetapp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://embed-795757.secondstreetapp.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 487393
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 19 May 2021 13:30:49 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK promotion_contents Show response
embed-795757.secondstreetapp.com/api/ Frame 3305 8 KB
9 KB 173ms
172ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/promotion_contents?organizationPromotionUniqueId=7538f4a6-f7cc-4311-9bc9-6cb94792c9c9
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bba9f8b94225f91e099b022bdcc9d9e54e9f233de6bfa1776b60db9df1be942e

Request headers

Accept: */*
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:48 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 79
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|3d6bb8f3-0ba7-46f9-b5bf-9415feb4765f|C69601|CD12
Cache-Control: no-cache
Content-Length: 8688
Expires: -1

GET
DATA 200
OK truncated Show response
/ 361 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
436 B 249ms
238ms XHR
application/json 52.94.243.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22reviewedcom03-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F%22%7D&u=https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ebfc21ee416d9602cf3e11bfa37cb114962894524c3a5b0ecc5088940740dfb9

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Server: Server
x-amz-rid: Z3MF72RS9WPVY36MQEZD
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://usatoday.secondstreetapp.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H2 200 apply-shim.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 10 KB
4 KB 133ms
132ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:49 GMT
content-encoding: gzip
age: 885
x-cache: HIT, MISS
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4252
x-served-by: cache-bwi5132-BWI, cache-fra19154-FRA
access-control-allow-origin: *
server: AmazonS3
x-timer: S1621431049.184511,VS0,VE90
etag: "8d4108ef1d5493eee40467d1e426a693"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0143 256 B
258 B 167ms
167ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6bb956f691bcd7b2a2250f8fc989c5530a1a0a5d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fembed-795757.secondstreetapp.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
last-modified: Wed, 19 May 2021 13:30:49 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 10659d040ffaa740296d9ed93c8e85e7770d647bd4887daa7b9460536ccb0a82
content-length: 176

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 20 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 99 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 30 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 26 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK GraphicHeader.css
embed-795757.secondstreetapp.com/staticcontent/css/template_presets/ Frame 3305 5 KB
2 KB 150ms
149ms Stylesheet
text/css 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/staticcontent/css/template_presets/GraphicHeader.css
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a1ac91e74f561f0707d8406dd64ab7de28372ac0d12dc1d13c1b039f9e1c302b

Request headers

Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:48 GMT
Content-Encoding: br
ETag: "015e3b1ec3fd71:0"
Last-Modified: Mon, 03 May 2021 07:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 79
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1246

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3305 3 KB
527 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700

Requested by

Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04e1b94dad3cae0b31fa7069b24fada55b4fad7a1ac8a9db97849e29ed9fc54d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 May 2021 12:55:41 GMT
server: ESF
date: Wed, 19 May 2021 13:30:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 May 2021 13:30:49 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ Frame 3305 0
0 38ms
37ms Fetch
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fusatoday.secondstreetapp.com&client_id=240828629437128&input_token&origin=1&redirect_uri=https%3A%2F%2Fembed-795757.secondstreetapp.com%2Fembed%2F7538f4a6-f7cc-4311-9bc9-6cb94792c9c9%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0d665d8a0fbb4888ecfac0d7111be901&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: v+XBBvv21S5uIlw8Z7gnBWmQGL5EsW0hcKA/mUbeU5dWPFDtMLYPqmvD+BiMBxMKF61n0DEzlElF7AvsVOO0Hw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 19 May 2021 13:30:49 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://embed-795757.secondstreetapp.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK second-street-logo-small-black-text-312764d99b2c7aeb912a6537f9762190.png
embed-795757.secondstreetapp.com/Images/Logos/ Frame 3305 3 KB
4 KB 156ms
156ms Image
image/png 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-795757.secondstreetapp.com/Images/Logos/second-street-logo-small-black-text-312764d99b2c7aeb912a6537f9762190.png
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/CSS/consumer_sweepstakes-f28d6e1cebac1d7100053e082d8deb50.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ba9f77081db51f317abbfbc2bb7fe3e7ac713fcc134981b59675e2d13d650740

Request headers

Referer: https://embed-795757.secondstreetapp.com/assets/CSS/consumer_sweepstakes-f28d6e1cebac1d7100053e082d8deb50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Last-Modified: Mon, 03 May 2021 07:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "015e3b1ec3fd71:0"
X-SS: 113
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3404

GET
H/1.1 200
OK FontAwesome.woff
embed-795757.secondstreetapp.com/assets/CSS/fonts/ Frame 3305 125 KB
125 KB 157ms
156ms Font
font/x-woff 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/assets/CSS/fonts/FontAwesome.woff?v=3.2.1-ss-22
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/CSS/consumer_sweepstakes-f28d6e1cebac1d7100053e082d8deb50.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 812088cfae787d369e86e9930858bdceb12747d81feed05113ac80602d938f67

Request headers

Origin: https://embed-795757.secondstreetapp.com
Referer: https://embed-795757.secondstreetapp.com/assets/CSS/consumer_sweepstakes-f28d6e1cebac1d7100053e082d8deb50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Last-Modified: Mon, 03 May 2021 07:19:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "04214b3ec3fd71:0"
X-SS: 82
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 127960

GET
H/1.1 200
OK 4117089
media.secondstreetapp.com/ Frame 3305 126 KB
127 KB 461ms
158ms Image
image/jpeg 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/4117089
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9e5d3fb57364ba939ba15b5493a18a69c8066577a22131d63b043e0f0b07717d

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 82
Content-Type: image/jpeg
X-StackifyID: V2|e77fdeb2-0f12-431f-8075-c9686a90b2ab|C69601|CD16
Cache-Control: private
Content-Length: 129462
Expires: Thu, 19 May 2022 13:30:49 GMT

GET
H/1.1 200
OK 4146498
media.secondstreetapp.com/ Frame 3305 18 KB
18 KB 475ms
159ms Image
image/jpeg 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/4146498?width=1200
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a43720369c8e89a9458d6245aab0fa9b62b7e9fa9e92ddc08c6d897a5b03cc72

Request headers

Referer: https://embed-795757.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 83
Content-Type: image/jpeg
X-StackifyID: V2|7caf663e-818e-455a-ab01-365f2dcf07d6|C69601|CD15
Cache-Control: private
Content-Length: 17953
Expires: Thu, 19 May 2022 13:30:49 GMT

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1613278598987210&ev=Microdata&dl=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&rl=&if=false&ts=1621431049410&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Betmgm%20Vegas%20Playoff%20Sweepstakes%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Win%20a%20trip%20to%20Las%20Vegas%20to%20enjoy%20VIP%20treatment%20at%20one%20of%20the%20city%E2%80%99s%20most%20famous%2C%20luxurious%20and%20iconic%20hotels%20and%20enjoy%20all%20the%20best%20that%20the%20NBA%20Playoffs%20has%20to%20offer.%20A%20%245%2C000%20value!%22%2C%22og%3Atitle%22%3A%22BetMGM%20Vegas%20Playoff%20Sweepstakes%22%2C%22og%3Aimage%22%3A%5B%22%22%2C%22https%3A%2F%2Fmedia.secondstreetapp.com%2F4117089%3Fwidth%3D1200%26height%3D630%22%5D%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite%22%3A%22%40usatoday%22%2C%22twitter%3Atitle%22%3A%22Betmgm%20Vegas%20Playoff%20Sweepstakes%22%2C%22twitter%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22NewsArticle%22%2C%22author%22%3A%7B%7D%2C%22dateModified%22%3A%220001-01-01T00%3A00%3A00Z%22%2C%22datePublished%22%3A%220001-01-01T00%3A00%3A00Z%22%2C%22image%22%3A%7B%7D%2C%22mainEntityOfPage%22%3A%7B%7D%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22logo%22%3A%7B%7D%2C%22name%22%3A%22USA%20TODAY%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&fbp=fb.1.1621431048857.40208101&it=1621431048542&coo=false&es=automatic&tm=3&exp=l0&rqm=GET

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 19 May 2021 13:30:49 GMT

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK Cookie set a-01aa Show response
i.liadm.com/s/c/ Frame D49C 1 KB
1 KB 546ms
141ms Document
text/html 18.208.35.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=false&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.35.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

c86900c403661f57744556341bad63455d07fc7d854ed0d42652a9f2d0d1f3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://usatoday.secondstreetapp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usatoday.secondstreetapp.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 May 2021 13:30:50 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIChC8DzIFCHoQuw8yBgiLARC8DzIFCHkQuw8yBgiBARC7DzIFCAkQvA8; Max-Age=2592000; Expires=Fri, 18 Jun 2021 13:30:50 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: ac954f4b48341ebc
Vary: Accept-Encoding
Content-Length: 632
Connection: keep-alive

GET
H2 200 0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2
fonts.gstatic.com/s/ptsanscaption/v13/ Frame 3305 38 KB
39 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsanscaption/v13/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc2dc463136f83997692baae0211e0c1d9573159476a988d20e1a6afe9a8c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://embed-795757.secondstreetapp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 10:13:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:43:52 GMT
server: sffe
age: 443828
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39328
x-xss-protection: 0
expires: Sat, 14 May 2022 10:13:41 GMT

GET
H2 200 0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
fonts.gstatic.com/s/ptsanscaption/v13/ Frame 3305 34 KB
34 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsanscaption/v13/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3083af23db561c3c0aae0cf64869b61a1f84efc498df8d78eefaaecb9ef76c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://embed-795757.secondstreetapp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:08:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:08:28 GMT
server: sffe
age: 559311
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35180
x-xss-protection: 0
expires: Fri, 13 May 2022 02:08:58 GMT

GET
H/1.1 200
OK second-street-logo-small-white.png
embed-795757.secondstreetapp.com/staticcontent/Images/Logos/ Frame 3305 3 KB
3 KB 155ms
155ms Image
image/png 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-795757.secondstreetapp.com/staticcontent/Images/Logos/second-street-logo-small-white.png
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/staticcontent/css/template_presets/GraphicHeader.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 843ed68d0708b3249ea9f4068ecf5bfc36e7f7174966609b077795c475a9bc9e

Request headers

Referer: https://embed-795757.secondstreetapp.com/staticcontent/css/template_presets/GraphicHeader.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:49 GMT
Last-Modified: Mon, 03 May 2021 07:19:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "015e3b1ec3fd71:0"
X-SS: 113
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3309

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
799 B 43ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=usatoday.secondstreetapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=usatoday.secondstreetapp.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 235ms
233ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=704865654491882&correlator=3202714968671970&output=ldjh&impl=fifs&eid=31060854%2C31061019%2C31061041%2C31061225&vrg=2021051701&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210519&iu_parts=7103%2Cusatoday%2Cleaderboard_atf-partner_secondstreet%2Cleaderboard_btf-partner_secondstreet%2Cposter-partner_secondstreet%2Cposter_scroll-partner_secondstreet&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600&prev_scp=position%3Dleaderboard_atf%26adCount%3D1%26id%3D6c433dfd-b8a6-11eb-a82d-06c3831123e5%26pub%3D40%7Cposition%3Dleaderboard_btf%26adCount%3D1%26id%3D6c4364e6-b8a6-11eb-8ea4-06d8cca89c2a%7Cposition%3Dposter%26adCount%3D1%26id%3D6c438c1d-b8a6-11eb-943d-068792706006%26vw%3D40%2C50%26grm%3D40%2C50%2C60%26pub%3D40%7Cposition%3Dposter%26adCount%3D2%26id%3D6c4364e9-b8a6-11eb-89e1-067f141e2336%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%7Cposition%3Dposter%26adCount%3D3%26id%3D6c438be4-b8a6-11eb-802b-02617d9e854e%26vw%3D40%2C50%26grm%3D40%2C50%26pub%3D40%7Cposition%3Dposter_scroll%26adCount%3D1%26features%3Dsticky%26id%3D6c436555-b8a6-11eb-904e-02c790015d1e%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%2C80&cust_params=aam_props%3Duniversal%257Cdesktop%257Ccobrand%26alerttype%3Dnone%26build%3DDigital%2520Renovation%252Cuniversal-low%26contentid%3D0%26navigationType%3Ddirect%26pageType%3Dcobrand%26privacy%3DNA%26property%3Dusat%26sitepage%3Dusat%252F%26topic%3Dbetmgmplayoff%26variant%3Dad-control%26ksg%3D%26ss%3Dnon%26utm_props%3D%257C%257C%26user_gsp%3D6%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1621431049&dt=1621431049798&dlt=1621431047134&idt=1227&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C285%2C285%2C285%2C285&adys=129%2C1580%2C355%2C685%2C1015%2C1218&adks=1381709461%2C828214597%2C1021061997%2C880203997%2C57660452%2C253157986&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x110%7C1600x110%7C350x306%7C350x306%7C350x306%7C350x303&msz=1600x93%7C1600x93%7C350x253%7C350x253%7C350x253%7C350x250&ga_vid=327134039.1621431049&ga_sid=1621431050&ga_hid=1260062133&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C1%7C0%7C0%7C0%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

353d7e6c76e0042b586daadead2581b3b5d6092919dd7195eb6d895e8d86ad9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9947
x-xss-protection: 0
google-lineitem-id: -2,5632749801,5634285725,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138342265914,138342230273,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://usatoday.secondstreetapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 55ms
17ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated Show response
/ 480 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK settings Show response
embed-795757.secondstreetapp.com/api/ Frame 3305 141 KB
141 KB 164ms
163ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/settings?category=UI_Text
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1536697c3747999073be79d1d1ec84684d7bccd176b64ca503722063aa1d6a

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 82
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|bdb95e3c-b4eb-4cfd-8087-c4fbd40981e6|C69601|CD16
Cache-Control: no-cache
Content-Length: 144324
Expires: -1

GET
H/1.1 200
OK 795757 Show response
embed-795757.secondstreetapp.com/api/organization_promotions/ Frame 3305 2 KB
2 KB 161ms
160ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/organization_promotions/795757
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 72e0c86de59c527733d98b75c0b0c8bafd9d995a3d201ed4d1c5ddcd850d4cab

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 113
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|8c564b32-b66a-414d-abd4-4b1e7438cd35|C69601|CD13
Cache-Control: no-cache
Content-Length: 1905
Expires: -1

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 36 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 24 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 939 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 25 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 314 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H3-29 200 container.html Show response
beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 480F 6 KB
3 KB 23ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt_v3l/202105171519/wrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usatoday.secondstreetapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usatoday.secondstreetapp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 19 May 2021 13:30:49 GMT
expires: Thu, 19 May 2022 13:30:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE50 6 KB
3 KB 17ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt_v3l/202105171519/wrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usatoday.secondstreetapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usatoday.secondstreetapp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 19 May 2021 13:30:49 GMT
expires: Thu, 19 May 2022 13:30:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251140663589"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Wed, 19 May 2021 13:30:50 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame DE50 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 13:30:48 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DE50 22 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7699
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 11:22:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE50 118 KB
36 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Wed, 19 May 2021 13:30:50 GMT

GET
H/1.1 200
OK matchups Show response
embed-795757.secondstreetapp.com/api/ Frame 3305 595 B
1022 B 160ms
160ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/matchups?excludeSecondaryMatchups=true
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d344ad76e78ec87642e3aea12277bccb27a4f23b11faf98644340a5bd752d17

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 82
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|75e2edab-ae6f-4ae1-b680-ee33535a5940|C69601|CD16
Cache-Control: no-cache
Content-Length: 595
Expires: -1

GET
H/1.1 200
OK forms Show response
embed-795757.secondstreetapp.com/api/ Frame 3305 293 B
721 B 167ms
167ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/forms?excludeFormPages=true&formTypeId=1
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 694bae63ed865b1cdaae034ef71c129b094dfefe7b5272ab8723ad20cda1e063

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 113
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|6cb07655-6e43-43c3-82b5-a2e12fd5be2e|C69601|CD13
Cache-Control: no-cache
Content-Length: 293
Expires: -1

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6492 46 KB
13 KB 91ms
78ms Script
application/javascript 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x250&pubId=4993669145&chanId=adx/usatoday/poster-partner_secondstreet_0&placementId=5634285725&pubCreative=138342230273&pubOrder=2827544385&cb=1621431050280
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 14a299b0e1a9d6da60f7e1defde4058609d2ef0069378737f980e8ccbfba23ca

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: gzip
x-server-name: app04.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 480F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 13:30:48 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 480F 22 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7699
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 11:22:31 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 480F 118 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Wed, 19 May 2021 13:30:50 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame DE50 109 KB
38 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7698
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 May 2021 11:22:32 GMT

GET
H/1.1

200
OK

35759
i.liadm.com/s/ Frame D49C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=bb27d3b0-19a1-4d22-9b15-b7edfdedd3f5

43 B
447 B

134ms
134ms

Image
image/gif

18.208.35.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=bb27d3b0-19a1-4d22-9b15-b7edfdedd3f5

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=false&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.35.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:50 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: ab47519b2f6bbdd2
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=bb27d3b0-19a1-4d22-9b15-b7edfdedd3f5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

e14ee343dc5d4f51a9eb94d9db0e60d6
i.liadm.com/s/e/a-01aa/0/ Frame D49C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01aa%2F0%2Fe14ee343dc5d4f51a9eb94d9db0e60d6%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01aa%2F0%2Fe14ee343dc5d4f51a9eb94d9db0e60d6%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D
https://i.liadm.com/s/e/a-01aa/0/e14ee343dc5d4f51a9eb94d9db0e60d6?mpid=82775&muid=12196746402224060410938337529850582716

43 B
285 B

156ms
133ms

Image
image/gif

18.208.35.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-01aa/0/e14ee343dc5d4f51a9eb94d9db0e60d6?mpid=82775&muid=12196746402224060410938337529850582716

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.35.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:51 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 6af7dc04d4dfbab6
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v006-087d9057b.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Error: 104,300
X-TID: v9gOCpgoTkY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-01aa/0/e14ee343dc5d4f51a9eb94d9db0e60d6?mpid=82775&muid=12196746402224060410938337529850582716
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame D49C
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y

43 B
603 B

183ms
182ms

Image
image/gif

23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-99-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 19 May 2021 13:30:50 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&rd=Y
pragma: no-cache
date: Wed, 19 May 2021 13:30:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 19 May 2021 13:30:50 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame D49C 43 B
240 B 189ms
96ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=false&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 54
pragma: no-cache
date: Wed, 19 May 2021 13:30:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1621431051.528247,VS0,VE54
x-served-by: cache-hhn11571-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i.liadm.com/s/ Frame D49C
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
447 B

136ms
136ms

Image
image/gif

18.208.35.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.35.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:51 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: acad20e6f0d0ab8c
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Pragma: no-cache
Date: Wed, 19 May 2021 13:30:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 77
Content-Type: text/html; charset=utf-8

GET
H2 204 bct
mid.rkdms.com/ Frame D49C 0
47 B 416ms
131ms Image
text/plain 34.197.11.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01aa?s=&cim=&ps=true&ls=false&duid=03811102446f--01f62d4pbnp93wf05m0b134vcy&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.11.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
server: nginx

GET
H/1.1

200
OK

35758
i6.liadm.com/s/ Frame D49C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https%3A%2F%2Fi.liadm.com%2Fs%2F35758%3Fbidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=no-consent
https://i6.liadm.com/s/35758?bidder_id=2380&bidder_uuid=no-consent

43 B
447 B

306ms
106ms

Image
image/gif

2600:1f18:444a:4602:c18d:4a5:dcb1:ed3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35758?bidder_id=2380&bidder_uuid=no-consent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4602:c18d:4a5:dcb1:ed3e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 19 May 2021 13:30:51 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 1fcb555978951775
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35758?bidder_id=2380&bidder_uuid=no-consent
Date: Wed, 19 May 2021 13:30:50 GMT
Connection: keep-alive
trace-id: 564c6d7e09afc465
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3-29 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 480F 109 KB
38 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7698
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 May 2021 11:22:32 GMT

GET
H2 200 main.gr.19.8.201.js Show response
static.adsafeprotected.com/ Frame 6492 182 KB
58 KB 69ms
69ms Script
application/javascript 34.249.39.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.201.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x250&pubId=4993669145&chanId=adx/usatoday/poster-partner_secondstreet_0&placementId=5634285725&pubCreative=138342230273&pubOrder=2827544385&cb=1621431050280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2394a068f6af11108e3bb63863e7b222c2540fecd0f25e6ec0a69433c32c0ad9

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 19:58:40 GMT
server: nginx/1.16.1
etag: W/"c1b29b677b41f1652ad8447e08d02f45"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 60 KB
5 KB 20ms
7ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6ec7dfbefa2083f64682643527557bc684d9a3c488682866131ff3b6adf2d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/279888/4993669145/1615307782400/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 5290
date: Tue, 18 May 2021 20:17:09 GMT
expires: Wed, 19 May 2021 20:17:09 GMT
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 62021
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE50 0
26 B 84ms
84ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOPcFRmlYa7zhXCRbkIKKncGpwraJ-EIqfM_ew7tPXW2K2qwmhsXi20s3F-jKj2YtSQqChfKx6c3WCrjhb2R4zf_Lr8jVQ_xp-nHz9NauL1tqHusZycVBFPxAU6Nfd0cSzKzoYMT6qwDIfDdUCgcvEcdgeFpAe0hNdXbfbkWXMR-tmRti6gEX6igid5t6vFihQ7V0EIgRRwxpbedyjmRy2oEAoIUDiVlK33y4iF3gcN6X1AtRQqL9YU9P2cfGRfRqE1CNhKH3v0pbSg0AywpfXGOQ1zkiLV2puybGOlURVl23ZFeCPXR_blUXW8htDxL-H_STMo38bOnO7MaB8erxrOurfNR882zKJvRQzjw&sai=AMfl-YSUvjM6At2fWJhd4x4HSPP1iWMWwpOueIapyIGcaWzBWG_Z2uFrA9uDcPxxS12Tm3wKD_uEFSMG-wW1eQzHbyllwcwYaI7CgLjHp3rV_5OkmyFFTk4KkOO9c9s2dHZG&sig=Cg0ArKJSzNcWpZ7QtA0_EAE&urlfix=1&adurl=

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 13:30:50 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 60 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0129832cf47e4fc961b957245cf0fbf0322d7671f3fe7ed1ba81168e195ac34b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/279888/4993669145/1615307654031/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 5273
date: Wed, 19 May 2021 10:29:19 GMT
expires: Thu, 20 May 2021 10:29:19 GMT
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 10891
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 480F 0
26 B 692ms
692ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz5pD81CNXFJHGw07JnksNp6jblxCDLFPl2c9pvDW3auBNdWt3tNGVAB1zNoiAABMIyCHuDrGTAyGO8d7gRqSvWq2ogXRBhm5lasjLnIBCcyjkjbtfWgIFN0tudL-h43IQFk9gvU465nIGf_sPx4pp8cxZFx5WbrielZhdwa5Ev0F7q6wA-LFhqwsGdXw-uYBse_l-8nqwmIhgvull3o5TcG-eGYWje3Ipm0BD-Tvyi-vGS-XLdbiBQzRbf4aRVcL30KRLKhSYsoF8hYWrZZG3VUy59_MkTqnk-NIKVOOpME18HHLtR0bmMT14VIqGYexKBiuBRH1-M4DqkGWmZ1Vmm8RIJsag0FPh5a1xA7b0o1hHJQtZPw&sai=AMfl-YR03Lh3IO4qfn4HcsY5Q6ZdaplrldVrSa4iP_vFvbkY_fFlMO0vizjU-0i2xUtxGhv20gRCkKDT35D16kSYANR07k8syIly9JvMwIZV23XGcgLydtKOWzZaZRJmdkXl&sig=Cg0ArKJSzDR0QDQfL1bQEAE&urlfix=1&adurl=

Requested by

Host: beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
URL: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 13:30:51 GMT

GET
H3-29 200 adapt-2-3-0.js Show response
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 89 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/adapt-2-3-0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7243503d1dc0162827d84a0d2b4207d2ff4a5a773afef645434e5cdc852995ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 20:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30930
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 19 May 2021 20:17:09 GMT

GET
H3-29 200 adapt-2-3-0.js Show response
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 89 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/adapt-2-3-0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7243503d1dc0162827d84a0d2b4207d2ff4a5a773afef645434e5cdc852995ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 11:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5761
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30930
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 20 May 2021 11:54:49 GMT

GET
H/1.1 200
OK form_pages Show response
embed-795757.secondstreetapp.com/api/ Frame 3305 4 KB
5 KB 229ms
229ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/form_pages?formId=1190453&pageNumber=1
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f42a6f150d55293d8c368e0df31ffc10b6bad9cfb50e7c27485ced11f9075d5c

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 113
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|14ddde95-9702-4cd0-9935-8c0d48b18d77|C69601|CD13
Cache-Control: no-cache
Content-Length: 4442
Expires: -1

GET
H3-29 200 adapt-2-3-0-tracking.js Show response
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/adapt-2-3-0-tracking.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/adapt-2-3-0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022c469c5d34fbf729b08680fef89c0e1171ea21e4f665c8032b5e77c34d5aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 20:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1294
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 19 May 2021 20:17:09 GMT

GET
H3-29 200 adapt-2-3-0-tracking.js Show response
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/adapt-2-3-0-tracking.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/adapt-2-3-0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022c469c5d34fbf729b08680fef89c0e1171ea21e4f665c8032b5e77c34d5aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28685
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1294
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 20 May 2021 05:32:45 GMT

GET
H3-29 200 social-distance-y0cf4j.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 11 KB
11 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/social-distance-y0cf4j.png?cb=i7AkhZlZ

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e19a0b6786e453f1b4930dec740e63c02861fe68e9e98b61396ee1fc1e78d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:04:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 66409
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11210
x-xss-protection: 0
expires: Wed, 19 May 2021 19:04:01 GMT

GET
H3-29 200 blue-heart-vlny5s.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/blue-heart-vlny5s.png?cb=6ztQmnDk

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ca0e979d4f6e7f46a8972d081d326a57901a38a1f48e56b7d0481f3ab110ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:15:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 58547
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7575
x-xss-protection: 0
expires: Wed, 19 May 2021 21:15:03 GMT

GET
H3-29 200 blue-thumb-sa8a9a.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 8 KB
8 KB 10ms
8ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/blue-thumb-sa8a9a.png?cb=GQ9Bss7C

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6428d04a7c9eabc332f3ca221b0d04ebb82dec102d3d834e146c86aad956588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:28:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 142
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7970
x-xss-protection: 0
expires: Thu, 20 May 2021 13:28:28 GMT

GET
H3-29 200 blue-check-905jtp.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 4 KB
4 KB 11ms
8ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/blue-check-905jtp.png?cb=51swKeAo

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d143c2eb12b290dc2c5a3a33652e19bacacfd9c6da5394b24f131df50cf7742d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:28:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 142
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4095
x-xss-protection: 0
expires: Thu, 20 May 2021 13:28:28 GMT

GET
H3-29 200 fade-check-rjrstj.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 15 KB
15 KB 12ms
10ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/fade-check-rjrstj.png?cb=Orj2iQhR

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c232a09a40feeb855cc6641d8af2b1b26d0f38fcedeffe3fbb4ec677dcac5775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:15:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 58547
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15645
x-xss-protection: 0
expires: Wed, 19 May 2021 21:15:03 GMT

GET
H3-29 200 green-thumb-mmt9hu.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 2 KB
2 KB 11ms
9ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/green-thumb-mmt9hu.png?cb=VE1zDqhx

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4649eb9eea76fd5527e8a7cdfa35ae369f8af7b0f4f224a1eec98cfb19f6a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:04:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 66409
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2481
x-xss-protection: 0
expires: Wed, 19 May 2021 19:04:01 GMT

GET
H3-29 200 teal-check-zyotj1.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 11 KB
11 KB 15ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/teal-check-zyotj1.png?cb=HT9LRjEi

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63edcb8cd2b94929f387349388bfaf0328cb2128b9c66b01353f0c8340bcdab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:28:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
age: 142
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10755
x-xss-protection: 0
expires: Thu, 20 May 2021 13:28:28 GMT

GET
H3-29 200 teal-thumb-rg8zdf.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 6 KB
6 KB 14ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/teal-thumb-rg8zdf.png?cb=FzjhG1um

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aae0bab5317f146942376b644d63c9c6bd859a4fa756a932a393e16094776e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:15:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
age: 58547
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5937
x-xss-protection: 0
expires: Wed, 19 May 2021 21:15:03 GMT

GET
H3-29 200 green-heart-47ycr2.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 5 KB
5 KB 13ms
11ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/green-heart-47ycr2.png?cb=7yU2rcEz

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ddba53cff6f201e05ada42640db46c031d5afae548c66d8ef043db86f3c587a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:15:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 58547
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5015
x-xss-protection: 0
expires: Wed, 19 May 2021 21:15:03 GMT

GET
H3-29 200 teal-heart-5e3d6u.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 5 KB
5 KB 13ms
11ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/teal-heart-5e3d6u.png?cb=XYZZBAwQ

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

894866d0eeb45ca2fc22bcb24423316e182c70492648681e01bfdd0deed6945f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:28:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
age: 142
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4934
x-xss-protection: 0
expires: Thu, 20 May 2021 13:28:28 GMT

GET
H3-29 200 350bg-100-irjzr6.jpg
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 4 KB
4 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/350bg-100-irjzr6.jpg?cb=jMr2K21P

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580f142f73c403f1733161e9fd1a3da4738191e4df0c39af781cddb5b46987a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:28:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 142
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4062
x-xss-protection: 0
expires: Thu, 20 May 2021 13:28:28 GMT

GET
H3-29 200 dark-heart-ju3p5i.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/dark-heart-ju3p5i.png?cb=gIOEVPhA

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57e697d7a424bd116f9f8b91b46cf0fb67893762af1f5a186f0ce30987147da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:28:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 142
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Thu, 20 May 2021 13:28:28 GMT

GET
H3-29 200 learn-more-7v6dcf.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/learn-more-7v6dcf.png?cb=fxQ7TT4n

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8edb101088f1ae3a2e7c5805131bc24b514f8a8ab0eee9350623edc21edcef60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:04:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 66409
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
expires: Wed, 19 May 2021 19:04:01 GMT

GET
H3-29 200 for-a-flawless-shjqd0.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/for-a-flawless-shjqd0.png?cb=QnJu2xNO

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11110c04982e095add1df740c1cc69a09144db449e51b491b40926b1b13fcea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:15:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 58547
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1891
x-xss-protection: 0
expires: Wed, 19 May 2021 21:15:03 GMT

GET
H3-29 200 social-media-88wgzk.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/social-media-88wgzk.png?cb=GZKToiS9

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c45273e179618ed4d061afb9aace237ad86a73ceeb1202b1fa65ed074adbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 16:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:22 GMT
server: sffe
age: 75595
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1815
x-xss-protection: 0
expires: Wed, 19 May 2021 16:30:55 GMT

GET
H3-29 200 white-localiq-gaz6j1.png
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/white-localiq-gaz6j1.png?cb=aMJWq8F4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a101f48c9e5a45e56dcef8c3966f6a11581ecca63e291fb4bbf26708b7a8a1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:15:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
age: 58547
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2118
x-xss-protection: 0
expires: Wed, 19 May 2021 21:15:03 GMT

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 265D 82 KB
21 KB 71ms
70ms Script
application/javascript 34.249.39.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:50 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 333922
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 74ms
74ms Image
image/gif 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=922805&campId=300x250&pubId=4993669145&chanId=adx/usatoday/poster-partner_secondstreet_0&placementId=5634285725&pubCreative=138342230273&pubOrder=2827544385&cb=1621431050280&adsafe_url=https%3A%2F%2Fusatoday.secondstreetapp.com%2FBetMGM-Vegas-Playoff-Sweepstakes%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fusatoday.secondstreetapp.com%2F&adsafe_type=f&adsafe_jsinfo=,id:a5a19a81-9be8-5e0f-6dd0-dea396d679f8,c:d4rLPK,sl:outOfView,em:false,fr:true,mn:app04ie,pt:1-5-15,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:389,oid:6d539d04-b8a6-11eb-8ce4-061b2abdf756,v:19.8.201,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:50 GMT
x-server-name: app30.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK domains Show response
embed-795757.secondstreetapp.com/api/ Frame 3305 7 KB
7 KB 157ms
156ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/domains?organizationId=4237
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 708ac03a4676ff29ecb512e4bdf9244d98eb5324b0cea992f7b1dc930ac1e48e

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 113
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|5737592d-e71b-4c48-a7d6-de64bfb23fff|C69601|CD13
Cache-Control: no-cache
Content-Length: 6718
Expires: -1

GET
H/1.1 200
OK 4237 Show response
embed-795757.secondstreetapp.com/api/organizations/ Frame 3305 557 B
984 B 160ms
160ms XHR
application/json 199.19.89.15
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-795757.secondstreetapp.com/api/organizations/4237
Requested by: Host: embed-795757.secondstreetapp.com
URL: https://embed-795757.secondstreetapp.com/assets/vendor-ab1d624f49c33e5e140d024e7cdad20e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.15 St Louis, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-15.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 398a5b04f6052e8f45dc298ef03680d764cf67bd6dbacafdb333935cfd2f55c1

Request headers

X-Organization-Promotion-Id: 795757
X-Fingerprint: 3d9eff49f780d74016dc85563d4f68b0
X-Referring-Url: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://embed-795757.secondstreetapp.com/embed/7538f4a6-f7cc-4311-9bc9-6cb94792c9c9/
X-Requested-With: XMLHttpRequest
X-Organization-Id: 4237
X-Promotion-Id: 664632
X-Api-Key: 65032887

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 82
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|963904be-92e1-4edf-8193-815c9cd013e2|C69601|CD16
Cache-Control: no-cache
Content-Length: 557
Expires: -1

GET
H3-29 200 adapt-2-3-0-script.js Show response
s0.2mdn.net/dfp/279888/4993669145/1615307782400/ Frame 1075 4 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/adapt-2-3-0-script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/adapt-2-3-0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3278375e6f1301cc356629caf45c32125c0814ec7725639b175e415e0b8326d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307782400/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 15:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80178
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1177
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:36:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 19 May 2021 15:14:32 GMT

GET
H3-29 200 social-distance-hft31b.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 5 KB
5 KB 10ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/social-distance-hft31b.png?cb=XpAwge0B

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1848af7906c6b2a709ea670a904a5eff1c3e7543bb4fd738730eadebbefcaf70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:32:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 28684
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4718
x-xss-protection: 0
expires: Thu, 20 May 2021 05:32:46 GMT

GET
H3-29 200 blue-heart-vlny5s.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 7 KB
7 KB 15ms
10ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/blue-heart-vlny5s.png?cb=z4L4S1OL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ca0e979d4f6e7f46a8972d081d326a57901a38a1f48e56b7d0481f3ab110ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 66283
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7575
x-xss-protection: 0
expires: Wed, 19 May 2021 19:06:07 GMT

GET
H3-29 200 blue-thumb-sa8a9a.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 8 KB
8 KB 15ms
10ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/blue-thumb-sa8a9a.png?cb=AX8YJGNQ

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6428d04a7c9eabc332f3ca221b0d04ebb82dec102d3d834e146c86aad956588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7970
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 blue-check-905jtp.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 4 KB
4 KB 14ms
9ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/blue-check-905jtp.png?cb=a4t34459

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d143c2eb12b290dc2c5a3a33652e19bacacfd9c6da5394b24f131df50cf7742d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:32:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 28684
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4095
x-xss-protection: 0
expires: Thu, 20 May 2021 05:32:46 GMT

GET
H3-29 200 fade-check-rjrstj.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 15 KB
15 KB 22ms
18ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/fade-check-rjrstj.png?cb=vKFS1WKU

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c232a09a40feeb855cc6641d8af2b1b26d0f38fcedeffe3fbb4ec677dcac5775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15645
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 green-thumb-mmt9hu.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 2 KB
2 KB 21ms
18ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/green-thumb-mmt9hu.png?cb=yryCh3BJ

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4649eb9eea76fd5527e8a7cdfa35ae369f8af7b0f4f224a1eec98cfb19f6a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 66283
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2481
x-xss-protection: 0
expires: Wed, 19 May 2021 19:06:07 GMT

GET
H3-29 200 teal-check-zyotj1.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 11 KB
11 KB 21ms
17ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/teal-check-zyotj1.png?cb=EGUjgyTK

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63edcb8cd2b94929f387349388bfaf0328cb2128b9c66b01353f0c8340bcdab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10755
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 teal-thumb-rg8zdf.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 6 KB
6 KB 20ms
17ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/teal-thumb-rg8zdf.png?cb=t1feInY7

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aae0bab5317f146942376b644d63c9c6bd859a4fa756a932a393e16094776e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5937
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 green-heart-47ycr2.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 5 KB
5 KB 20ms
16ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/green-heart-47ycr2.png?cb=DIuitrYO

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ddba53cff6f201e05ada42640db46c031d5afae548c66d8ef043db86f3c587a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5015
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 teal-heart-5e3d6u.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 5 KB
5 KB 19ms
16ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/teal-heart-5e3d6u.png?cb=0K7ii4KV

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

894866d0eeb45ca2fc22bcb24423316e182c70492648681e01bfdd0deed6945f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
age: 66283
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4934
x-xss-protection: 0
expires: Wed, 19 May 2021 19:06:07 GMT

GET
H3-29 200 728bg-iq190n.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 1 KB
1 KB 18ms
15ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/728bg-iq190n.png?cb=bpUMzsTY

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c082e033e4f8aa0b6590dbc34b98a7a863904c59078597d6a35c73039723e533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 dark-heart-ju3p5i.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 1 KB
1 KB 17ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/dark-heart-ju3p5i.png?cb=odqlvqhY

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57e697d7a424bd116f9f8b91b46cf0fb67893762af1f5a186f0ce30987147da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 learn-more-7v6dcf.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 1 KB
1 KB 16ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/learn-more-7v6dcf.png?cb=YHDU51zM

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8edb101088f1ae3a2e7c5805131bc24b514f8a8ab0eee9350623edc21edcef60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 66283
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
expires: Wed, 19 May 2021 19:06:07 GMT

GET
H3-29 200 for-a-flawless-shjqd0.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 2 KB
2 KB 16ms
14ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/for-a-flawless-shjqd0.png?cb=yYS5WUXr

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11110c04982e095add1df740c1cc69a09144db449e51b491b40926b1b13fcea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 66283
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1891
x-xss-protection: 0
expires: Wed, 19 May 2021 19:06:07 GMT

GET
H3-29 200 social-media-88wgzk.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/social-media-88wgzk.png?cb=fvmPJuP0

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c45273e179618ed4d061afb9aace237ad86a73ceeb1202b1fa65ed074adbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:46:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:14 GMT
server: sffe
age: 27886
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1815
x-xss-protection: 0
expires: Thu, 20 May 2021 05:46:04 GMT

GET
H3-29 200 white-localiq-gaz6j1.png
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/white-localiq-gaz6j1.png?cb=YKsMCZTk

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a101f48c9e5a45e56dcef8c3966f6a11581ecca63e291fb4bbf26708b7a8a1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
age: 66283
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2118
x-xss-protection: 0
expires: Wed, 19 May 2021 19:06:07 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 388ms
133ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rLU3,pingTime:-2,time:655,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:223,beZ:225,mfA:567,cmA:568,inA:568,inZ:574,prA:574,prZ:580,si:613,poA:613,poZ:624,cmZ:624,mfZ:624,loA:669,loZ:670,ltA:878,ltZ:878%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:655,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B309~0%5D,as:%5B309~350.253%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:0,renddet:na,slid:%5Bpartner-poster-2,aux%5D,sinceFw:265,readyFired:true%7D&br=u
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:51 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 adapt-2-3-0-script.js Show response
s0.2mdn.net/dfp/279888/4993669145/1615307654031/ Frame 744A 4 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/adapt-2-3-0-script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/adapt-2-3-0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3278375e6f1301cc356629caf45c32125c0814ec7725639b175e415e0b8326d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/279888/4993669145/1615307654031/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 06:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26741
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1177
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:34:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 20 May 2021 06:05:10 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE50 0
0 143ms
86ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKtIm4JP3IscJZBUzpApEmQFATqPdyweNBCVcpkXfJvCh9w-hv7s4IEXrt8pvJe0j01jJsA9V5oZjbCWkD3gcrputT81UfjOm8CSOg0se6lc8_Jeg4HWY07L_WOARO8McNArhr35VPTNLOgHA0GIo7gpNqYYR198A1FRaNmk-5_N7gOGgVBXpjOmNROg4PhA3ida2nVOm0Am1uVbIre2_UDIr55MmDXx1yisILe0qCbW_ZV_2yFBGgHhkZlpXcYUJwHy-v94FApoRWs_2zxNnf2VKe6ef27I91tp0gT4P4IZ209AX-7FA8nH4_zsaF3QGvvA7CYVlhn1g-hz7LhZ50GQ&sai=AMfl-YTN12Tbso1HON43YYJjqn_KKEjf--t3TKt9L6RrsfW4hdxZEtwH6QMPePiKKb53174Ja60FbikcF6O0zA_wLEFtaXEXOWLUXr_FDPM7u78DMPxv51T0MTrI_RqJ45EW&sig=Cg0ArKJSzIL8PrOKCOCAEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 13:30:51 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 378ms
126ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rLUZ,time:713,type:e,im:%7Bpci:%7Btdr:320%7D%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:713,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B367~0%5D,as:%5B367~350.253%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:51 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 480F 0
0 84ms
84ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstesNuHyL1sI5dlRYs1x-B_Kmp8bsrN1OxMuEgavEerTm-itjcwOeUX9j0VzDNdIRtUYX8UJL4Texg7wwdg1Mqy21F4AryVJIf_HFdaU49xJQKKGXnPwPGzkcKWEWOC7WdTCxTJzLBVfmE43g0qXAP87spryEJbJLIHnMsoWYIpdZHjHEidbaeMXIM2LcNroFd_HVRTPpBgZQzCA4ggJ69LZUXGgN0LSAMpU0k1RUbXWu-YJ6BgMKGPKhAPPP02Ph4qdkuH1vsgz3_snswCEJJW4ruCAov4dPBqe5PzDuJnMUaVOCvYWQy9ljB4PeZKWahoWMxp_1s_4DAi7MHya6JOflio8yn3zdanSQ&sai=AMfl-YQZvBVFi8CDqKhTF_IhEQ7rG992uWOstJylMjsdDxdiVOX9BncRGmlT7SbdPZdY3PsncvOMzRmIh8CKmdOKqhEOQoC41DiCMZt2oWOmku1EB5iYoLnvgu6wQLuaeMV3&sig=Cg0ArKJSzKaaGrRS1up0EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 19 May 2021 13:30:51 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 166ms
132ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rLZL,pingTime:-10,time:1009,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1621431051511%7C%7C883aa11a1947f6bcb53d4164945316ff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C52cf51efe91dd4b189a448c29e186618%7C%7C03e95c99d3b8dca4a3feab6bbe7d5280%7C%7C7af6a9b0ef073e808fe7eed3dbd42d04%7C%7Cba528bfb0b6ef9619f3e9cfcd5e65614%7C%7C8a0bbb63bcd12f7d5cf5580265354fa9%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:51 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 nr-spa-1044.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 160ms
55ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Requested by: Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "ecc4d675754da137f5dacbc99541e133"
x-amz-request-id: HGJVRFAHVVD788B6
x-cache: HIT
content-length: 11929
x-amz-id-2: gHTWpNcfcGps6epJ/+hiCklslBnS/HAcS0X+qKKpDB9fs0pvL6uDjeWc8dUm1Pi6Gf/gYX+EGus=
x-served-by: cache-hhn4054-HHN
last-modified: Wed, 28 Feb 2018 23:35:17 GMT
server: AmazonS3
x-timer: S1621431052.815103,VS0,VE0
date: Wed, 19 May 2021 13:30:51 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 179

GET
H2 200 optout_check Show response
beacon.krxd.net/ 61 B
220 B 201ms
66ms Script
text/javascript 34.252.41.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.41.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9e25b49c9c99e629a847d4b3407562674d25579662e228494cc89f9f31789665

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:51 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=40 t=1621431051
x-served-by: beacon-n005-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051701&st=env

Requested by

Host: usatoday.secondstreetapp.com
URL: https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06d4be6347f72db1217a9feab29c072d5ed51df6bd2f6e4b514778713abdb2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 19 May 2021 13:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7688
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051701.js?31061225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 13:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 19 May 2021 13:30:51 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B82F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://usatoday.secondstreetapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://usatoday.secondstreetapp.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 19 May 2021 13:00:37 GMT
expires: Thu, 19 May 2022 13:00:37 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1814
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame B82F 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 12:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 5398
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Thu, 19 May 2022 12:00:53 GMT

GET
H/1.1 200
OK b7ac0e2ada Show response
bam.nr-data.net/1/ 57 B
275 B 600ms
149ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b7ac0e2ada?a=20128261&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=6384&ref=https://usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes/&be=1669&fe=6211&dc=2521&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1621431045474,%22n%22:0,%22f%22:991,%22dn%22:992,%22dne%22:992,%22c%22:992,%22s%22:1017,%22ce%22:1319,%22rq%22:1319,%22rp%22:1656,%22rpe%22:1787,%22dl%22:1660,%22di%22:2400,%22ds%22:2521,%22de%22:2521,%22dc%22:6210,%22l%22:6210,%22le%22:6229%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051701&jk=704865654491882&bg=!wMOlw4fNAAZ7hX_Ue4U7ACkAdvg8WsLnrHsDLX2PL3fwb-nJSyDJiMNqdAaTxl8SwBbIi0oFosnjtQIAAABwUgAAAA5oAQcKAR3IY5jBg8OZgoBeWOsnihYGubWXxeo8Rk6qXrpTus0-65VL3N6wcPOtm5pGC8649FzHifxyBejb8igSW6Io6GqE17-9WJowfpKEwj_ZlCOyfJns-HZEaDeC7eYbjnxbWKD-d40sdJHVJzmlzIHgOx8-NJ2NnJrtAqHPJR-wpFkGPJVXVSS4HIbqGOi78sRpS4hlO9yQFc5vlrdPqv4a0L5F9g_mR1xhOwcYSJfxBIVbhCQgbethO9YqTHkZcuUSDhCL8JaqOu-TX4jTGVTWcWm1if7HO49c5xScu1q0MuSgvXfgAeBDO7Pn4mW6oOeH1ezXnnYQerpd8nHDbnCZDoTHtxiP4O8wuaCd7_nfewUskD9qUEVcqILfhqlKj2GZAk8DzXSssNaFoHapGAvY7VIzLEouKtTyY0rX-zdUI0YNRsuxJvc9YgAb3IRg2kWMpSxEbi4EUgy6Dq3YGQos-_UCzKwn3xpXnCpnltSwwvD9Vv5s5WqTWN26PzmVChUThZ-wdYtSe_xbga1vC1iGM6SkUCYB8wtZFIZCdyXShWhDDLstyFKuNo938pEI7J486NmL3cR5dyeqSABvhJaKNo67OK0ecwoROqjlz48zZr4v7dJbB3N2veKzOEI87KdZLtlf83_N_lkn9zgAhJeGZzbo0g5k6JA9ov5Li57uFJz9qs9S3PFFYVQR1lw2M_iHOrZ__I4GSRsdT-xPiouRand1MY5km53QeM5cmqcd57aWEnWEURyo_G1tdF_OxV47QqEGL7daufd148aA6buegsioMvjgSg2gr1I1_o23sRj7MgBNK4NNHeUzohAufyORwB2mGdvP67mZPvIG87ggoru_Km-H-RwSSe_HK7Lu3eK3LJTpMHhSAXWhFcB3WsWuEOkZL5LRzHTPBHAwwgOZmJZA2LrI7Y6XGsvlNlrMVCEjN4VNdh-QWe5F6oyECtpVFxQNeAfSM1V4giH_-AvdqGy_H3fzlLArPDZTNaDs8sgt-NwBSNpcN6N5jKBtaTkQdmbFn7bqdhHOJWLFHngwXL32J1o5eBRbVJ8v15N7xpdBbZ1N7RuboKMNB9n-I-pxOfA3EBP24-iARffBlayp0COSON130j65KEcuL5v_DuQb6qCiG26OdxchW2U7HiXQaIBx0Ut6HtCbgJ_9hcwIHzA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 134ms
133ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rMag,pingTime:0,time:1660,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,0~100%5D,as:%5B1313~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1313~0,0~100%5D,as:%5B1313~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:171,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:52 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE50 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst46puX8Xe5nQ_qFM_vWIiZYDnHjMvQuOCWGxXwrPExof_gpuWYlBS6XzBgp_iNPY3nS_MjdNKrtjR3zIkIZx2WCRptf-tyu18gWQQ0f0&sig=Cg0ArKJSzBe2MhrfSytDEAE&id=lidar2&mcvt=1000&p=230,285,480,585&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1021061997&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621431050173&dlt=12&rpt=277&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 May 2021 13:30:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 131ms
129ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rMqp,pingTime:1,time:2661,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:136,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:53 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 135ms
133ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rMqq,pingTime:1,time:2662,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:136,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:53 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 122ms
120ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rMqq,pingTime:1,time:2662,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:136,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:53 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 243ms
121ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rMqr,pingTime:1,time:2663,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:136,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:grpm1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:53 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 121ms
121ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rNsV,pingTime:5,time:6661,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:247,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:57 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 127ms
126ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rNsW,pingTime:5,time:6662,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:247,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:30:57 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 127ms
126ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rQ4d,pingTime:15,time:16661,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15002,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15000~100%5D,as:%5B15000~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:130,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:31:07 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 124ms
124ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=a5a19a81-9be8-5e0f-6dd0-dea396d679f8&tv=%7Bc:d4rQ4e,pingTime:15,time:16662,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:350,h:253,t:388%7D,%7Bpiv:100,vs:i,r:,t:1659%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15003,o:1659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1313~0,1~100%5D,as:%5B1314~350.253%5D%7D%7D,%7Bsl:i,t:1659,wc:0.0.1600.1200,ac:260.228.350.253,am:a,cc:260.199.350.306,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15001~100%5D,as:%5B15001~350.253%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jload,dtt:130,fm:sxRBrLO+1*.922805%7C11%7C12%7C131%7C132%7C14%7C151%7C161%7C17%7C18,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://usatoday.secondstreetapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 May 2021 13:31:07 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: user.usatoday.com
URL: https://user.usatoday.com/USAT-GUP/user/

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/	1970-01-20 11:55:03	Name: lidid Value: 4ac5d0de-ccc5-4561-94c7-6a5ec1201ee1
usatoday.secondstreetapp.com/BetMGM-Vegas-Playoff-Sweepstakes	1970-01-19 18:23:51	Name: _liChk Value: 0.23841938155308262
i.liadm.com/s	1970-01-19 19:07:03	Name: _li_ss Value: MgUIChC8DzIFCHoQuw8yBgiLARC8DzIFCHkQuw8yBgiBARC7DzIFCAkQvA8yCQj_____BxC8Dw
embed-795757.secondstreetapp.com/	1969-12-31 23:59:59	Name: .Stackify.Rum Value: 963904be-92e1-4edf-8193-815c9cd013e2
usatoday.secondstreetapp.com/	1970-02-18 18:23:51	Name: _li_ss Value: MgUIChC8DzIFCHoQuw8yBgiLARC8DzIFCHkQuw8yBgiBARC7DzIFCAkQvA8
.secondstreetapp.com/	1970-01-20 03:45:27	Name: __gads Value: ID=8040a8e5e4e53bc1-229d1cab19c80092:T=1621431049:S=ALNI_Mb_xmym9ss5Xl1_zNCI-NmgBs5wXw

90 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com/static/storage.html(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: Subscriptions Runtime: 0.1.22.165
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://embed-795757.secondstreetapp.com/assets/consumer-sweepstakes-69a8adc10a6df4a070b8947229aecd3e.js(Line 1255) Message: TypeError: Cannot read property 'removeItem' of null
console-api	error	URL: https://embed-795757.secondstreetapp.com/assets/consumer-sweepstakes-69a8adc10a6df4a070b8947229aecd3e.js(Line 1253) Message: TypeError: Cannot read property 'setItem' of null
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10870841.collect.igodigital.com
adservice.google.com
adservice.google.pl
api.gannett-cdn.com
api.secondstreetapp.com
assoc-na.associates-amazon.com
b-code.liadm.com
b1sync.zemanta.com
bam.nr-data.net
beac82255888ddb4583d48f5e088ae9b.safeframe.googlesyndication.com
beacon.krxd.net
cdn.adsafeprotected.com
cdn.krxd.net
cdn.parsely.com
cdn.polyfill.io
cdn.rlets.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
consumer.krxd.net
cpt-static.gannettdigital.com
d7eb298c-4225-4404-b5aa-371829c5b7d2.rlets.com
dpm.demdex.net
dt.adsafeprotected.com
embed-795757.secondstreetapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
js-agent.newrelic.com
liqadprdct-capture-prod-east.gannettdigital.com
match.adsrvr.org
media.secondstreetapp.com
mid.rkdms.com
news.google.com
nova.collect.igodigital.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
platform.twitter.com
resources.xg4ken.com
rp.liadm.com
rp4.liadm.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
trc.taboola.com
usatoday.secondstreetapp.com
user.usatoday.com
www.facebook.com
www.gannett-cdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
x.dlx.addthis.com
z-na.associates-amazon.com
user.usatoday.com
104.244.36.20
104.244.42.136
13.248.242.197
13.32.25.83
143.204.103.127
143.204.97.28
151.101.113.194
151.101.114.110
151.101.114.62
151.101.14.133
151.101.14.62
162.247.242.18
172.217.23.98
18.208.35.206
199.19.89.14
199.19.89.15
199.19.89.19
199.232.137.44
216.58.212.162
23.45.99.241
2600:1f18:444a:4602:c18d:4a5:dcb1:ed3e
2600:1f18:730:b110:b216:4622:d058:b1a9
2600:9000:2156:4600:6:9a19:88c0:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0a::9d
2a02:26f0:6c00::210:bae8
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:3::621
34.194.161.83
34.197.11.2
34.199.213.67
34.249.39.204
34.251.60.147
34.252.41.130
34.75.237.118
52.212.52.211
52.88.195.36
52.94.243.89
54.208.116.125
54.228.170.24
66.155.71.149
70.42.32.159
99.86.242.117
011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b
0129832cf47e4fc961b957245cf0fbf0322d7671f3fe7ed1ba81168e195ac34b
022c469c5d34fbf729b08680fef89c0e1171ea21e4f665c8032b5e77c34d5aa0
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa
04e1b94dad3cae0b31fa7069b24fada55b4fad7a1ac8a9db97849e29ed9fc54d
06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51
06d4be6347f72db1217a9feab29c072d5ed51df6bd2f6e4b514778713abdb2e9
070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729
07882397107d8464d6bf241369160426df81eacbfca30b4f8d07229a3719b701
0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41
0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11110c04982e095add1df740c1cc69a09144db449e51b491b40926b1b13fcea4
14a299b0e1a9d6da60f7e1defde4058609d2ef0069378737f980e8ccbfba23ca
1848af7906c6b2a709ea670a904a5eff1c3e7543bb4fd738730eadebbefcaf70
1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8
1c527183260771f06c68b304fd782f38f6acb706643241d8b5cd44b238e68747
1c8bbf82d3d618b11ecbfff6de665868bf8cc15f2b31e02dbb7b5f3236b7514a
1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c
20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9
20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3
2394a068f6af11108e3bb63863e7b222c2540fecd0f25e6ec0a69433c32c0ad9
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
2b6ec7dfbefa2083f64682643527557bc684d9a3c488682866131ff3b6adf2d3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cc2dc463136f83997692baae0211e0c1d9573159476a988d20e1a6afe9a8c2e
2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759
3083af23db561c3c0aae0cf64869b61a1f84efc498df8d78eefaaecb9ef76c31
3167e516e4093b233cb2095a7e5039e3f86bd461b39ac59976b51e5906d2f3c6
32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df
32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a
34743a016a9a2f87611c865a3a9f5d86f79a37ba115db3e6981ffb59cf164973
353d7e6c76e0042b586daadead2581b3b5d6092919dd7195eb6d895e8d86ad9d
371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559
376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b
380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3
3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a
3877e7cb23b8db0dfe8ad3d252911aa8fbbb79488878c528005421bb677621e7
398a5b04f6052e8f45dc298ef03680d764cf67bd6dbacafdb333935cfd2f55c1
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e
3ee14ab9c91eaa98c77adab568df55da8db6fe9aa701e9a869506c3732cea15e
412d225480e1d94394ffc47ef625f253babd2fdd7a75c687989965fa64895bed
4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc
43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486
4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a
4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b
4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561
4f3707832e6eddeaeb5d4887aa099043a48bd79785bd67e428503835d86724d8
506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4
50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75
511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a
580f142f73c403f1733161e9fd1a3da4738191e4df0c39af781cddb5b46987a1
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d
5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8
5ddba53cff6f201e05ada42640db46c031d5afae548c66d8ef043db86f3c587a
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
60e7f625414deaf6c019dddf9f1cdc61c01f77dea957f476b7ad2f907378bdb9
6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca
63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105
63edcb8cd2b94929f387349388bfaf0328cb2128b9c66b01353f0c8340bcdab3
63f799812a1b1a200f19bbd40387b8715d51c1186698104046fbe4062baf3525
65bd64f93eeb0e9cac00f8ed11c2a9c4663907c5a96b7c80bfd2c7502141939b
65c32ce952673b7f05df39db8597340ef7ce06c97521c4ed1865f9fff4d7b391
674f27a57710c4edb77ae46d8006638b8f382ffeba71ab81d7f7be65bea6afc6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7
694bae63ed865b1cdaae034ef71c129b094dfefe7b5272ab8723ad20cda1e063
6be084013be9114131db05e43e8a6875b2eaff5b66139814b6ca572b6170e5d3
6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d
6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6e19a0b6786e453f1b4930dec740e63c02861fe68e9e98b61396ee1fc1e78d09
6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004
708ac03a4676ff29ecb512e4bdf9244d98eb5324b0cea992f7b1dc930ac1e48e
70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179
71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7
7243503d1dc0162827d84a0d2b4207d2ff4a5a773afef645434e5cdc852995ae
72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5
72e0c86de59c527733d98b75c0b0c8bafd9d995a3d201ed4d1c5ddcd850d4cab
75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a
77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1
7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb
7ae50ece6963c07c0442607c44a08eedf62357305a3052fabe6ec71b7ef67b4c
7bf18a67091315f0ff905457dd306fe123379fbbf13b0b312e630d5f94d2489f
7d344ad76e78ec87642e3aea12277bccb27a4f23b11faf98644340a5bd752d17
7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0
7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5
7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622
812088cfae787d369e86e9930858bdceb12747d81feed05113ac80602d938f67
812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
843ed68d0708b3249ea9f4068ecf5bfc36e7f7174966609b077795c475a9bc9e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06
86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2
894866d0eeb45ca2fc22bcb24423316e182c70492648681e01bfdd0deed6945f
89fe83e17028718a46d1385651c9927392cbedb70b692e70c0d87a2fe0174041
8a318fb82dbfa52908b72a4718472aeeaa8913b713bf2f4140b523fa78913f46
8c5f4006b343f0b4aeebff7cdc5fde3ab0ec012aa124c3457e3ce326a15f72f1
8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9
8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17
8edb101088f1ae3a2e7c5805131bc24b514f8a8ab0eee9350623edc21edcef60
90eb8dc338f3e4ee58277264b969b9d45a7e8c395fc48d288c3a278ad90b0724
90eba6c6a5dbcb6da1affe765616b01d288c4cbe4045cfd0a7b715229b057aba
922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2
9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613
94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d
962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056
97506b431fd2f5f432b30d76fab0adfc2a2b1f9fbc6f7a56895a516bbb96f017
989ddb1b96ee4dd0e5b65c9f00f23d8a56a1c482dc4d17ab67bae6d488eac238
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ab0e2ccf006a37a8b9d426e1847e9dd2f04bdd2f20b728d99959da707b76796
9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd
9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6
9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251
9e25b49c9c99e629a847d4b3407562674d25579662e228494cc89f9f31789665
9e5d3fb57364ba939ba15b5493a18a69c8066577a22131d63b043e0f0b07717d
a101f48c9e5a45e56dcef8c3966f6a11581ecca63e291fb4bbf26708b7a8a1af
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6
a1ac91e74f561f0707d8406dd64ab7de28372ac0d12dc1d13c1b039f9e1c302b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab
a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a
a43720369c8e89a9458d6245aab0fa9b62b7e9fa9e92ddc08c6d897a5b03cc72
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a6428d04a7c9eabc332f3ca221b0d04ebb82dec102d3d834e146c86aad956588
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d
a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b
a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572
aae0bab5317f146942376b644d63c9c6bd859a4fa756a932a393e16094776e06
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1
b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c12be7a226d95f29187c58c8878d9c4238d0a946a31b2bdb85f231a6e5891c
b3278375e6f1301cc356629caf45c32125c0814ec7725639b175e415e0b8326d
b3ca0e979d4f6e7f46a8972d081d326a57901a38a1f48e56b7d0481f3ab110ae
b4fd13be1430a46a27342c22fd60a36ea8f09a36517697b0e3475a4b9daaf622
b53994453d24b8c3f71f9479c6af11650bbcc8cae3a30a48285cefe0a253c0be
b57e697d7a424bd116f9f8b91b46cf0fb67893762af1f5a186f0ce30987147da
b595c3d94da86f267479f97c910caef07f8642830988f401fd005ea3e74a002c
b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95
b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f
ba904795e6503e927b1278273f247b7eea39599a9ee2f0c51903d96dd870c33c
ba9f77081db51f317abbfbc2bb7fe3e7ac713fcc134981b59675e2d13d650740
bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b
bba9f8b94225f91e099b022bdcc9d9e54e9f233de6bfa1776b60db9df1be942e
bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f
bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a
c082e033e4f8aa0b6590dbc34b98a7a863904c59078597d6a35c73039723e533
c232a09a40feeb855cc6641d8af2b1b26d0f38fcedeffe3fbb4ec677dcac5775
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c4649eb9eea76fd5527e8a7cdfa35ae369f8af7b0f4f224a1eec98cfb19f6a29
c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85
c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca
c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d
c86900c403661f57744556341bad63455d07fc7d854ed0d42652a9f2d0d1f3c1
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cac94dfb0a22bcd2ed4e91a606831646afb82c8e4cfaa5bdcce9c47db8473ba5
cf218f4d9269df8196d52365de92f37f291778b7d03fe3dd50b19a4e8cbf66bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0
d143c2eb12b290dc2c5a3a33652e19bacacfd9c6da5394b24f131df50cf7742d
d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48
d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb
dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7
dc1536697c3747999073be79d1d1ec84684d7bccd176b64ca503722063aa1d6a
deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d
df9aa20a3dc2c29281028c2a8714d61048ac869232e9c25abc2736a0e944a998
e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390
e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a
e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1
e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289
ebfc21ee416d9602cf3e11bfa37cb114962894524c3a5b0ecc5088940740dfb9
ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff
eccfd283fdedc03a9f51b302acd02f26c53e14a1c525410fcc146df28729e0f7
ee6a1d1fc24ccb9331d1c72c37f6b9868845bb8de242f7f35de68d2fa19d3e80
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5
f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06
f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea
f16dbe23bd8fbde489ab6a9dd3cea0a923de345292054587b8304e675b8cd8bd
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90
f34c58477f3e6c6dba8fe9b6e2e15a75a2a7994f9a38708b62b5c9702ad19fdd
f42a6f150d55293d8c368e0df31ffc10b6bad9cfb50e7c27485ced11f9075d5c
f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92
f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91
f7c45273e179618ed4d061afb9aace237ad86a73ceeb1202b1fa65ed074adbf3
f7fbf2d6d7c216dc02e3ce82f157524b829a377018648ccb14cc994ab2242307
f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580
fb60ef80ac206612ba998d86105363d47262227a6fff6eb15f8521542f818b04
fe3708328bf4e1d00e816c2d95f99e6774a2465ff8363a8f387d16b1c7e8ebd8
ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

usatoday.secondstreetapp.com Open in urlscan Pro 199.19.89.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

241 Requests

100 %HTTPS

41 %IPv6

38 Domains

63 Subdomains

54 IPs

6 Countries

2817 kBTransfer

8715 kBSize

6 Cookies

35 Outgoing links

Page URL History

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 43 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

usatoday.secondstreetapp.com Open in urlscan Pro
199.19.89.15 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

100 %
HTTPS

41 %
IPv6

38
Domains

63
Subdomains

54
IPs

6
Countries

2817 kB
Transfer

8715 kB
Size

6
Cookies

241 HTTP transactions
43 data transactions