www.more4momsbuck.com Open in urlscan Pro
2a00:1450:4001:801::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/7msidr
Effective URL:
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Submission: On June 18 via api (June 18th 2021, 12:52:00 pm UTC) from US

Summary HTTP 202 Redirects Links 81 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 64 domains to perform 202 HTTP transactions. The main IP is 2a00:1450:4001:801::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.more4momsbuck.com.

This is the only time www.more4momsbuck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	69.164.195.169 69.164.195.169	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:801::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
24	143.204.98.27 143.204.98.27	16509 (AMAZON-02) (AMAZON-02)
1 2	198.61.128.38 198.61.128.38	19994 (RACKSPACE) (RACKSPACE)
5	65.9.77.101 65.9.77.101	16509 (AMAZON-02) (AMAZON-02)
4	38.99.77.17 38.99.77.17	36323 (EZRI-36323) (EZRI-36323)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	64.111.116.72 64.111.116.72	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	209.141.56.224 209.141.56.224	53667 (PONYNET) (PONYNET)
1 2	143.198.246.108 143.198.246.108	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	38.99.77.16 38.99.77.16	36323 (EZRI-36323) (EZRI-36323)
1	2606:4700:303... 2606:4700:3034::ac43:884f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	52.216.80.155 52.216.80.155	16509 (AMAZON-02) (AMAZON-02)
1	34.209.120.242 34.209.120.242	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	104.197.67.28 104.197.67.28	15169 (GOOGLE) (GOOGLE)
18	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 5	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	104.111.233.227 104.111.233.227	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.207.161.225 52.207.161.225	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	52.95.116.38 52.95.116.38	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.59.81.87 52.59.81.87	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 16	52.48.175.241 52.48.175.241	16509 (AMAZON-02) (AMAZON-02)
4 5	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	54.87.192.123 54.87.192.123	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.239.198.206 34.239.198.206	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	18.197.139.150 18.197.139.150	16509 (AMAZON-02) (AMAZON-02)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.138.131 185.86.138.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.174 208.100.17.174	32748 (STEADFAST) (STEADFAST)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.43 124.146.215.43	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
7	143.204.98.88 143.204.98.88	16509 (AMAZON-02) (AMAZON-02)
7	13.225.84.149 13.225.84.149	16509 (AMAZON-02) (AMAZON-02)
2 2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
202	60

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.164.195.169 (Richardson, United States) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

links.rafflecopter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.more4momsbuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 143.204.98.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-27.fra50.r.cloudfront.net

widget-prime.rafflecopter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.61.128.38 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

www.tomoson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.77.101 (United States)

ASN16509 (AMAZON-02, US)

i1353.photobucket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 38.99.77.17 (United States)

ASN36323 (EZRI-36323, US)
PTR: imagizer-cv.imageshack.us

img155.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img651.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img841.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img839.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.111.116.72 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: hipleasures.com

www.momselect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.141.56.224 (Las Vegas, United States)

ASN53667 (PONYNET, US)
PTR: b000.b000.banligo.com

www.myblogspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.198.246.108 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.usfamilyguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.99.77.16 (United States)

ASN36323 (EZRI-36323, US)
PTR: imagizer-cv.imageshack.us

img11.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img340.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:884f (United States)

ASN13335 (CLOUDFLARENET, US)

www.sverve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap6ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.80.155 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.120.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-120-242.us-west-2.compute.amazonaws.com

badge.clevergirlscollective.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.197.67.28 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 28.67.197.104.bc.googleusercontent.com

members.one2onenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.161.225 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.58 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (United Kingdom) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.116.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.81.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-81-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.48.175.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.95 (United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.198.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.139.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.131 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.174 (United States)

ASN32748 (STEADFAST, US)
PTR: ip174.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.43 (Yokohama, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-88.fra50.r.cloudfront.net

customizer-css.rafflecopter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.84.149 (United States)

ASN16509 (AMAZON-02, US)

d1bg42r4siwejx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.filepicker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	rafflecopter.com 2 redirects links.rafflecopter.com widget-prime.rafflecopter.com customizer-css.rafflecopter.com	999 KB
18	lijit.com 2 redirects ap.lijit.com gslbeacon.lijit.com vap6ams1.lijit.com pxdrop.lijit.com ce.lijit.com	42 KB
16	gumgum.com 1 redirects rtb.gumgum.com	5 KB
16	facebook.net connect.facebook.net	621 KB
12	blogblog.com resources.blogblog.com	6 KB
12	blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com	2 MB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
8	one2onenetwork.com members.one2onenetwork.com	835 KB
8	google.com apis.google.com www.google.com adservice.google.com	156 KB
8	blogger.com www.blogger.com	571 KB
7	cloudfront.net d1bg42r4siwejx.cloudfront.net	11 KB
6	imageshack.us img155.imageshack.us img651.imageshack.us img11.imageshack.us img841.imageshack.us img839.imageshack.us img340.imageshack.us
5	owneriq.net 2 redirects px.owneriq.net	13 KB
5	photobucket.com i1353.photobucket.com	13 KB
4	outbrain.com 3 redirects sync.outbrain.com	1 KB
4	facebook.com 2 redirects www.facebook.com graph.facebook.com	922 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
4	google-analytics.com www.google-analytics.com	26 KB
4	more4momsbuck.com www.more4momsbuck.com	52 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	1rx.io 3 redirects sync.1rx.io	1 KB
3	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	fbcdn.net scontent-frt3-2.xx.fbcdn.net	2 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	627 B
2	360yield.com 2 redirects ad.360yield.com	617 B
2	openx.net 2 redirects us-u.openx.net	635 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	bidswitch.net x.bidswitch.net	291 B
2	rubiconproject.com pixel-us-east.rubiconproject.com pixel-eu.rubiconproject.com	478 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	474 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1 KB
2	tapad.com 1 redirects pixel.tapad.com	916 B
2	googletagmanager.com 1 redirects www.googletagmanager.com	37 KB
2	amazonaws.com s3.amazonaws.com	720 B
2	usfamilyguide.com 1 redirects www.usfamilyguide.com	296 B
2	tomoson.com 1 redirects www.tomoson.com	333 B
1	filepicker.io www.filepicker.io	266 KB
1	rfihub.com 1 redirects p.rfihub.com	750 B
1	socdm.com 1 redirects tg.socdm.com	689 B
1	emxdgt.com cs.emxdgt.com
1	33across.com ssc-cms.33across.com
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	318 B
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	469 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	836 B
1	stackadapt.com sync.srv.stackadapt.com	168 B
1	postrelease.com 1 redirects jadserve.postrelease.com	416 B
1	eyeota.net ps.eyeota.net	344 B
1	googleapis.com fonts.googleapis.com	461 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	661 B
1	clevergirlscollective.com badge.clevergirlscollective.com	271 B
1	sverve.com www.sverve.com	41 KB
1	myblogspark.com www.myblogspark.com
1	momselect.com www.momselect.com	18 KB
1	is.gd 1 redirects is.gd	602 B
202	64

	Domain	Requested by
24	widget-prime.rafflecopter.com	www.more4momsbuck.com widget-prime.rafflecopter.com
16	rtb.gumgum.com	1 redirects gslbeacon.lijit.com rtb.gumgum.com
16	connect.facebook.net	www.more4momsbuck.com connect.facebook.net widget-prime.rafflecopter.com
12	resources.blogblog.com	www.more4momsbuck.com www.blogger.com
9	ap.lijit.com	2 redirects www.more4momsbuck.com ap.lijit.com gslbeacon.lijit.com
8	members.one2onenetwork.com	www.more4momsbuck.com members.one2onenetwork.com
8	www.blogger.com	www.more4momsbuck.com apis.google.com www.blogger.com
7	d1bg42r4siwejx.cloudfront.net	www.more4momsbuck.com widget-prime.rafflecopter.com
7	customizer-css.rafflecopter.com	widget-prime.rafflecopter.com
7	pagead2.googlesyndication.com	www.more4momsbuck.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	ce.lijit.com	www.more4momsbuck.com gslbeacon.lijit.com rtb.gumgum.com
5	px.owneriq.net	2 redirects www.more4momsbuck.com px.owneriq.net
5	i1353.photobucket.com	www.more4momsbuck.com
5	3.bp.blogspot.com	www.more4momsbuck.com
5	apis.google.com	www.more4momsbuck.com apis.google.com www.blogger.com
4	sync.outbrain.com	3 redirects rtb.gumgum.com
4	www.google-analytics.com	www.more4momsbuck.com
4	2.bp.blogspot.com	www.more4momsbuck.com
4	www.more4momsbuck.com	www.more4momsbuck.com
3	match.adsrvr.org	2 redirects rtb.gumgum.com
3	sync.1rx.io	3 redirects
3	secure.adnxs.com	2 redirects gslbeacon.lijit.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	scontent-frt3-2.xx.fbcdn.net	www.more4momsbuck.com
2	graph.facebook.com	2 redirects
2	creativecdn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.360yield.com	2 redirects
2	us-u.openx.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	cm.g.doubleclick.net	1 redirects rtb.gumgum.com
2	x.bidswitch.net	gslbeacon.lijit.com rtb.gumgum.com
2	aax-eu.amazon-adsystem.com	1 redirects gslbeacon.lijit.com
2	sync.mathtag.com	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	pixel.tapad.com	1 redirects www.more4momsbuck.com
2	vap6ams1.lijit.com	www.more4momsbuck.com
2	www.facebook.com	www.more4momsbuck.com connect.facebook.net
2	www.googletagmanager.com	1 redirects www.more4momsbuck.com
2	www.google.com	www.more4momsbuck.com tpc.googlesyndication.com
2	s3.amazonaws.com	www.more4momsbuck.com
2	www.usfamilyguide.com	1 redirects www.more4momsbuck.com
2	www.tomoson.com	1 redirects www.more4momsbuck.com
2	1.bp.blogspot.com	www.more4momsbuck.com
2	links.rafflecopter.com	2 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	www.filepicker.io	widget-prime.rafflecopter.com
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	ssc-cms.33across.com	rtb.gumgum.com
1	ads.pubmatic.com	rtb.gumgum.com
1	ssbsync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	rtb.gumgum.com
1	pixel-eu.rubiconproject.com	gslbeacon.lijit.com
1	pixel-us-east.rubiconproject.com	gslbeacon.lijit.com
1	jadserve.postrelease.com	1 redirects
1	ps.eyeota.net	www.more4momsbuck.com
1	pxdrop.lijit.com	www.more4momsbuck.com
1	gslbeacon.lijit.com	ap.lijit.com
1	fonts.googleapis.com	members.one2onenetwork.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	badge.clevergirlscollective.com	www.more4momsbuck.com
1	img340.imageshack.us	www.more4momsbuck.com
1	img839.imageshack.us	www.more4momsbuck.com
1	img841.imageshack.us	www.more4momsbuck.com
1	www.sverve.com	www.more4momsbuck.com
1	img11.imageshack.us	www.more4momsbuck.com
1	www.myblogspark.com	www.more4momsbuck.com
1	www.momselect.com	www.more4momsbuck.com
1	img651.imageshack.us	www.more4momsbuck.com
1	img155.imageshack.us	www.more4momsbuck.com
1	4.bp.blogspot.com	www.more4momsbuck.com
1	is.gd	1 redirects
202	86

This site contains links to these domains. Also see Links.

Domain
3.bp.blogspot.com
www.vansfoods.com
2.bp.blogspot.com
www.blogger.com
1.bp.blogspot.com
www.dunkindonuts.com
www.renuzit.com
www.tomoson.com
shop.greatergood.com
www.purex.com
www.dialsoap.com
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.myblogspark.com
www.usfamilyguide.com
www.sverve.com
www.netvibes.com
add.my.yahoo.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.rafflecopter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-16`	a year	crt.sh
www.tomoson.com Go Daddy Secure Certificate Authority - G2	`2020-10-03` - `2021-11-04`	a year	crt.sh
usfamilyguide.com R3	`2021-06-12` - `2021-09-10`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.cannababes.com COMODO RSA Domain Validation Secure Server CA	`2018-07-03` - `2020-07-02`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.eyeota.net R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.filepicker.io R3	`2021-06-11` - `2021-09-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 27 frames:

Primary Page: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Frame ID: E4CB2CB3688A43D51579D99DE551D098
Requests: 83 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Frame ID: 0A2D73C230434D1A61DFA1B78E2D1336
Requests: 5 HTTP requests in this frame

Frame: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Frame ID: 92D388914B71984880052C2E9B4F3312
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: DA001704AFE0E2C3B87EF235D7E6AF83
Requests: 11 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 6068F31D4827DD68DFB5BD832DB3A79E
Requests: 10 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 12DBBF891F91746F2D28900E16065ABE
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 13BAEAA1D0C70D82E42D1C01EE59D47A
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: B0E2DD833F5B9AEF1AE4354E8CA570B9
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: BAE689AC6460D36F67ACA50EBF5848AF
Requests: 8 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 756078102E1395EB74882E9048AD43CD
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: C435ACA52EA0723E16374BDA2661732F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8681530136578467&output=html&h=125&slotname=8212577050&adk=438307609&adf=2543627872&pi=t.ma~as.8212577050&w=125&lmt=1624019373&url=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&flash=0&host=pub-1556223355139109&wgl=1&dt=1624020696465&bpp=18&bdt=212&idt=484&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3234641007606&frm=20&pv=2&ga_vid=1846024775.1624020696&ga_sid=1624020696&ga_hid=170394146&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061335&oid=3&pvsid=2938848032133301&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=MewkltVDGP&p=http%3A//www.more4momsbuck.com&dtd=500
Frame ID: 3A9DA3D6A12F06300B03548E05963C19
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: 8969E632DA6C3A4E63A467B69605CBA3
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Frame ID: 7FF28B0029D69806AE61B0C90BE24EF3
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: CFB05778C37FF1736A42668D02A5D118
Requests: 16 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=6df660cc-96db-4c00-afa5-83dbe80ac600&gdpr=1&gdpr_consent=
Frame ID: 9B425C17A6071E74DF65750F1E70D675
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YMyW3QABp1bfEQBg&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg
Frame ID: E65F4329EC559A47B19512DD78BEB76D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80NzI0ZWFmZS0xOWRkLTQzNzMtYjdlOS01ODY5ZGI2NGFkMjE=&gdpr=1&gdpr_consent=
Frame ID: F95688E201E456ED46BF9DED993B2C39
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 61103DD3090550280098DD6836614C58
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 84D82E53A068004D7E9C30AB513F180E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 3375BA46F535F5CC8893CDEE55ABCD0C
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: BC364401821B4A9343E77DF52E1CD127
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YMyW3sCo8YQAANh1C1IAAAAA
Frame ID: E3D53739D19AF7E33E4E693C23939AAF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1875819620689774306
Frame ID: C430DA1FF7B71A8F8C73099E6044F037
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=x2Mzl7ylyYWDbCSHXg7r&pi=gumgum&tc=1
Frame ID: F5F1C109280668CAFE788537B6831E6D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 469E2EA4D9B5C46B2ECAEBF44C1F8A0A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E449B3A10AEAEF6B85CA149C7E2CD2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://is.gd/7msidr HTTP 301
http://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.m... HTTP 301
https://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.m... HTTP 301
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

202
Requests

80 %
HTTPS

32 %
IPv6

64
Domains

86
Subdomains

60
IPs

8
Countries

5561 kB
Transfer

11102 kB
Size

25
Cookies

81 Outgoing links

These are links going to different origins than the main page.

URL: https://3.bp.blogspot.com/-DWMwLoWj5iA/V6yJhCFwjKI/AAAAAAAAKWY/MeW_4P-24ScxhUBHnbhbb3hX_7pvzdNhQCLcB/s1600/vans%2Bwaffles%2Bnew.jpg

Search URL Search Domain Scan URL

URL: http://www.vansfoods.com/
Title: Van’s Foods

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-b0XQJ9dvsX8/V6kc9R9HYBI/AAAAAAAAKV4/EWsjP6QOqwoqIPkThwmqfKjfLWEKq8T6wCLcB/s1600/vans%2Bwaffles.png

Search URL Search Domain Scan URL

URL: http://www.vansfoods.com/store-locator
Title: http://www.vansfoods.com/store-locator

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=4314623122125385118&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-k4v0HpwGcfA/VvC6eLHG51I/AAAAAAAAKRc/upkNPWtaC7Q1Zsk1goJBDMrQNJF3GfG6A/s1600/DSC03999.JPG

Search URL Search Domain Scan URL

URL: http://www.dunkindonuts.com/
Title: Dunkin’ Donuts GranDDe Burrito

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=2559517138068040633&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/--SIWIeUY5Zk/VWdZRmOvNYI/AAAAAAAAKHU/tPz_WZbOjkU/s1600/IMG_1901.JPG

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-tiIZcMozgmQ/VWdZ7wOZ-eI/AAAAAAAAKHc/fW0G1CrZEgU/s1600/renuzit.jpg

Search URL Search Domain Scan URL

URL: https://www.renuzit.com/product/pearl-scents/
Title: Renuzit Pearl Scents

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=6434553245353728674&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://www.tomoson.com/?code=TOPc8cf961c3e0f07636326f336db3d1f31

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-onXUF4WnJpk/VUELU0pOJCI/AAAAAAAAKDQ/Y7DHnWTS-qQ/s1600/broadwalk%2Bbread.JPG

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-njtuBccKAM0/VUJyACUqVnI/AAAAAAAAKDk/1LUUnlmDGi4/s1600/IMG_1378.JPG

Search URL Search Domain Scan URL

URL: http://www.tomoson.com/?code=BOTTOMc8cf961c3e0f07636326f336db3d1f31

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=5237242149596847817&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-xRrGBPf5TPU/VTUwKVXuA6I/AAAAAAAAKCY/osXbKVuCHW0/s1600/greatergoodcollage.jpg

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/
Title: GreaterGood

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/jewelry/
Title: jewelry

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/jewelry/multigem/
Title: multi-gem bracelet

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/breast-cancer/
Title: Breast Cancer

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/autism/
Title: Autism Awareness

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/veterans/
Title: Veterans

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-HQHyQ6YSOIs/VTU13D8_sDI/AAAAAAAAKCo/cEFZz7_etRA/s1600/mothers%2Bday%2Bgreatergood.jpg

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/india-multi-gems-bracelet/s/
Title: multi-gem bracelet

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=307315048534856232&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-qQGXMrSOKN4/VTAF_9iaYWI/AAAAAAAAKB4/AaT0-qnnJUY/s1600/scentsplash.jpg

Search URL Search Domain Scan URL

URL: http://www.purex.com/products/fragrance-boosters/purex-crystals-scentsplash/
Title: Purex Crystals ScentSplash

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=4568565177670215748&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-iQfPZ9CmoeI/VSg6ZT1VVBI/AAAAAAAAKA8/jom4UqxFVq4/s1600/miracle%2Boil.jpg

Search URL Search Domain Scan URL

URL: http://www.dialsoap.com/products/miracle-oil-marula-oil-infused-liquid-hand-soap
Title: Dial Miracle Oil Hand Soap

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=3881313169006416000&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/More-4-Moms-Buck/152981848065368

Search URL Search Domain Scan URL

URL: http://twitter.com/more4momsbuck/

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/112807694890084981689/posts

Search URL Search Domain Scan URL

URL: http://pinterest.com/more4momsbuck

Search URL Search Domain Scan URL

URL: http://www.myblogspark.com/

Search URL Search Domain Scan URL

URL: http://www.usfamilyguide.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.sverve.com/profile/Cristine-Struble-NjM2MQ==

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fposts%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/content?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fposts%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fcomments%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/content?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fcomments%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/7msidr HTTP 301
http://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review HTTP 301
https://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review HTTP 301
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.tomoson.com/images/front/pixel.png HTTP 301
https://www.tomoson.com/images/front/pixel.png

Request Chain 29

http://www.usfamilyguide.com/graphics/USFGmemberbadge.png HTTP 301
https://www.usfamilyguide.com/graphics/USFGmemberbadge.png

Request Chain 32

http://ap.lijit.com/www/delivery/fpi.js HTTP 301
https://ap.lijit.com/www/delivery/fpi.js

Request Chain 40

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 48

http://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias

Request Chain 64

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1846024775&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=170394146&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1846024775.1624020696.1624020696.1624020696.1%3B%2B__utmz%3D70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1846024775&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=170394146&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1846024775.1624020696.1624020696.1624020696.1%3B%2B__utmz%3D70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 79

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 93

http://www.google-analytics.com/collect?v=1&_v=j90&a=170394146&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1846024775.1624020696.1624020696.1624020696.1&_utmz=70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624020697036&_u=YSBCgEABC~&jid=1121755685&gjid=751161284&cid=1846024775.1624020696&tid=UA-53521312-22&_gid=74853440.1624020697&z=2075030170 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j90&a=170394146&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1846024775.1624020696.1624020696.1624020696.1&_utmz=70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624020697036&_u=YSBCgEABC~&jid=1121755685&gjid=751161284&cid=1846024775.1624020696&tid=UA-53521312-22&_gid=74853440.1624020697&z=2075030170

Request Chain 94

https://px.owneriq.net/eps?pt=igpkg3&pid=8972&uid=Q6773070972060135765J&l=true HTTP 302
https://px.owneriq.net/noop?ct=text%2Fhtml

Request Chain 95

https://px.owneriq.net/j/?ref=http://www.more4momsbuck.com/search/label/giveaway.%2520product%2520review&pt=igpkg3&t=f%7C%22More%25204%2520Mom%253A%2520giveaway.%2520product%2520review%22&s=ba2e HTTP 302
https://px.owneriq.net/noop?ct=application%2Fx-javascript

Request Chain 118

https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=9734d9c0239e39beb38dadc6&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=9734d9c0239e39beb38dadc6&gdpr=1&gdpr_consent=

Request Chain 120

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=9734d9c0239e39beb38dadc6/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=9734d9c0239e39beb38dadc6/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=a8ecde08474016201e5eb917ec096b78&gdpr=1&gdpr_consent=

Request Chain 123

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 124

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=9734d9c0239e39beb38dadc6&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=b90860cc-96db-4100-af8b-9a65ca098063&gdpr=1&gdpr_consent=

Request Chain 125

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 126

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 130

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=OTczNGQ5YzAyMzllMzliZWIzOGRhZGM2&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 135

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=8515489837694237668

Request Chain 137

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4724eafe-19dd-4373-b7e9-5869db64ad21&obuid=ENC(Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DZ1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DZ1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI&__user_check__=1&sync_id=ed47d711-d033-11eb-9e9b-15758c630106 HTTP 302
https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed47d6c7-d033-11eb-9e9b-15758c630106&obUid=Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI

Request Chain 138

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=d7d5fdb7-91ee-4647-8ea1-29cfff916c23

Request Chain 140

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-RkzZfxpE2pf6WsaH2uC39RER_32aUU9_3Bna~A

Request Chain 141

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=ecab22f0-d033-11eb-8039-79eb22eb5845

Request Chain 144

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4724eafe-19dd-4373-b7e9-5869db64ad21&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

Request Chain 145

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=a16bad46-5761-4396-b461-390a63ac4850

Request Chain 146

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4167064691 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4167064691 HTTP 302
https://sync.1rx.io/usersync/tradedesk/edaec462-0e7a-4075-b7ba-62f27f81d0b4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003

Request Chain 147

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=kBlQQjkvxzRs&ev=1&pid=558355

Request Chain 148

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=4376036530485904128&gdpr=1&gdpr_consent=

Request Chain 150

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=6df660cc-96db-4c00-afa5-83dbe80ac600&gdpr=1&gdpr_consent=

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YMyW3QABp1bfEQBg&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg

Request Chain 157

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YMyW3sCo8YQAANh1C1IAAAAA

Request Chain 158

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1875819620689774306

Request Chain 159

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=x2Mzl7ylyYWDbCSHXg7r&pi=gumgum&tc=1

Request Chain 163

https://graph.facebook.com/v2.2/934893306639366/picture?type=small HTTP 302
https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scontent-frt3-2.xx&tp=27&oh=9384f412223a74f79aa088faecd1baee&oe=60D166B8

Request Chain 179

https://graph.facebook.com/v2.2/697885777/picture?type=small HTTP 302
https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scontent-frt3-2.xx&tp=27&oh=9384f412223a74f79aa088faecd1baee&oe=60D166B8

202 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request giveaway.%20product%20review Show response
www.more4momsbuck.com/search/label/
Redirect Chain

https://is.gd/7msidr
http://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review
https://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

178 KB
31 KB

352ms
334ms

Document
text/html

2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

037da4a4f8a29b36d7542c1321705165ac0a5ee2a7da72a4569bbea52933dbf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.more4momsbuck.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Fri, 18 Jun 2021 12:51:36 GMT
Date: Fri, 18 Jun 2021 12:51:36 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 18 Jun 2021 12:29:33 GMT
ETag: W/"efc1019b7622a646f42f6094d5a15560a6f6dd8024d48a794926fcc821c52894"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 31112
Server: GSE

Redirect headers

Server: nginx/1.4.5
Date: Fri, 18 Jun 2021 12:51:35 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Set-Cookie: rta_refr=; domain=.rafflecopter.com; max-age=432000; path=/; httponly raflrefer=1364130031ece8f62a901e9c; domain=.rafflecopter.com; max-age=432000; path=/; httponly

GET
H2 200 3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 26ms
5ms Stylesheet
text/css 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:12:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 16:15:37 GMT
server: sffe
age: 9556
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Sat, 18 Jun 2022 10:12:20 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b860e937b76fda2dd6bd18f7772588562f1b6cf93b8ebb59605f0bb974be3946

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LUbBztkas/Uw3Yf/7o4Idg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6d4b82cd3380844627edbfe403a4c3f9"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-LUbBztkas/Uw3Yf/7o4Idg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Jun 2021 12:51:36 GMT

GET
H/1.1 200
OK logo%2Bsmall.jpg
4.bp.blogspot.com/-v3RDKZC4NPk/V7SzcMH1KtI/AAAAAAAAKYc/W4e5w8zGoGMvBpKaPNFRKuPR7Rx4rNppACK4B/s1600/ 56 KB
57 KB 29ms
17ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-v3RDKZC4NPk/V7SzcMH1KtI/AAAAAAAAKYc/W4e5w8zGoGMvBpKaPNFRKuPR7Rx4rNppACK4B/s1600/logo%2Bsmall.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b9ea211ae5e16230bd91d1e79c2267c4af0644ce40bdb4e6ddd7036baf21fad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2988"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="logo small.jpg"
Timing-Allow-Origin: *
Content-Length: 57738
X-XSS-Protection: 0
Expires: Fri, 18 Jun 2021 06:55:01 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
657 B 78ms
6ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:46:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:54:07 GMT
server: sffe
age: 511524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Sat, 19 Jun 2021 14:46:12 GMT

GET
H2 200 vans%2Bwaffles%2Bnew.jpg
3.bp.blogspot.com/-DWMwLoWj5iA/V6yJhCFwjKI/AAAAAAAAKWY/MeW_4P-24ScxhUBHnbhbb3hX_7pvzdNhQCLcB/s320/ 24 KB
24 KB 72ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-DWMwLoWj5iA/V6yJhCFwjKI/AAAAAAAAKWY/MeW_4P-24ScxhUBHnbhbb3hX_7pvzdNhQCLcB/s320/vans%2Bwaffles%2Bnew.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

89f45c1dc292c651416a90fbd5f3585a3be03f3ef8da8bfc6e840b93b5d441bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 11:42:59 GMT
x-content-type-options: nosniff
age: 4117
content-disposition: inline;filename="vans waffles new.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24069
x-xss-protection: 0
server: fife
etag: "v2968"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H2 200 vans%2Bwaffles.png
2.bp.blogspot.com/-b0XQJ9dvsX8/V6kc9R9HYBI/AAAAAAAAKV4/EWsjP6QOqwoqIPkThwmqfKjfLWEKq8T6wCLcB/s320/ 41 KB
41 KB 8ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-b0XQJ9dvsX8/V6kc9R9HYBI/AAAAAAAAKV4/EWsjP6QOqwoqIPkThwmqfKjfLWEKq8T6wCLcB/s320/vans%2Bwaffles.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

608a08d270843ea76943c0344017b6ec948e45cbb67042190f4db5d4ebd35c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 11:42:59 GMT
x-content-type-options: nosniff
age: 4117
content-disposition: inline;filename="vans waffles.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41873
x-xss-protection: 0
server: fife
etag: "v295f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK launch.js Show response
widget-prime.rafflecopter.com/ 361 B
806 B 118ms
29ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/launch.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 11:12:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 21 Nov 2014 19:12:16 GMT
Server: AmazonS3
Age: 8818767
ETag: "b3e777548d0e13cf1e51d04dc16be5c7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Cache-Control: max-age=7200, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 257
X-Amz-Cf-Id: A8hjlxpQ94ulyM406CejHSQGBPfApJCVAhaLiZ1n1dzwOIInLiFcAg==

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
281 B 71ms
6ms Image
image/gif 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:33:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 12:55:27 GMT
server: sffe
age: 519463
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Sat, 19 Jun 2021 12:33:53 GMT

GET
H2 200 DSC03999.JPG
1.bp.blogspot.com/-k4v0HpwGcfA/VvC6eLHG51I/AAAAAAAAKRc/upkNPWtaC7Q1Zsk1goJBDMrQNJF3GfG6A/s320/ 23 KB
23 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-k4v0HpwGcfA/VvC6eLHG51I/AAAAAAAAKRc/upkNPWtaC7Q1Zsk1goJBDMrQNJF3GfG6A/s320/DSC03999.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d0f13a22131fd2ed2bf9740816774446888e3f3f3aadaa1a46ebdc4ff5c0c199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v2918"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DSC03999.JPG"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23388
x-xss-protection: 0
expires: Sat, 19 Jun 2021 12:51:36 GMT

GET
H/1.1 200
OK renuzit.jpg
2.bp.blogspot.com/-tiIZcMozgmQ/VWdZ7wOZ-eI/AAAAAAAAKHc/fW0G1CrZEgU/s320/ 31 KB
32 KB 12ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-tiIZcMozgmQ/VWdZ7wOZ-eI/AAAAAAAAKHc/fW0G1CrZEgU/s320/renuzit.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22879d796f880eb320552b4033f48b14d044622f0b1132dea8006e4ec4387507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 4117
ETag: "v2878"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="renuzit.jpg"
Timing-Allow-Origin: *
Content-Length: 32123
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK launch.js Show response
widget-prime.rafflecopter.com/ 361 B
806 B 78ms
40ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://widget-prime.rafflecopter.com/launch.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 11:12:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 21 Nov 2014 19:12:16 GMT
Server: AmazonS3
Age: 8818767
ETag: "b3e777548d0e13cf1e51d04dc16be5c7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Cache-Control: max-age=7200, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 257
X-Amz-Cf-Id: 8qiXuI87xNloUCfdBIJR6X41F-y3LmYAM9CfJlN8E1JDrrIQoyyq2g==

GET
H/1.1

404
Not Found

pixel.png
www.tomoson.com/images/front/
Redirect Chain

http://www.tomoson.com/images/front/pixel.png
https://www.tomoson.com/images/front/pixel.png

0
0

448ms
226ms

Image
text/html

198.61.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tomoson.com/images/front/pixel.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.61.128.38 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

Redirect headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.tomoson.com/images/front/pixel.png
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=150
Content-Length: 254
Expires: Fri, 18 Jun 2021 12:51:36 GMT

GET
H/1.1 200
OK broadwalk%2Bbread.JPG
2.bp.blogspot.com/-onXUF4WnJpk/VUELU0pOJCI/AAAAAAAAKDQ/Y7DHnWTS-qQ/s1600/ 360 KB
361 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-onXUF4WnJpk/VUELU0pOJCI/AAAAAAAAKDQ/Y7DHnWTS-qQ/s1600/broadwalk%2Bbread.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

512f3ebe424f60dc4d784147ace0f1f236585a6e6182700dc0241dffed4008bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 4117
ETag: "v2835"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="broadwalk bread.JPG"
Timing-Allow-Origin: *
Content-Length: 368956
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK IMG_1378.JPG
3.bp.blogspot.com/-njtuBccKAM0/VUJyACUqVnI/AAAAAAAAKDk/1LUUnlmDGi4/s1600/ 359 KB
359 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-njtuBccKAM0/VUJyACUqVnI/AAAAAAAAKDk/1LUUnlmDGi4/s1600/IMG_1378.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

10255a28643d2fa90d8f5d718322a760315369349d54b86127babd5f481f1dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 4117
ETag: "v283a"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_1378.JPG"
Timing-Allow-Origin: *
Content-Length: 367143
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK greatergoodcollage.jpg
3.bp.blogspot.com/-xRrGBPf5TPU/VTUwKVXuA6I/AAAAAAAAKCY/osXbKVuCHW0/s1600/ 106 KB
107 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-xRrGBPf5TPU/VTUwKVXuA6I/AAAAAAAAKCY/osXbKVuCHW0/s1600/greatergoodcollage.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e3f7c911d1582b04745a69d60e851f4c10cf086eb9ff6a29e4417e217881518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 4117
ETag: "v2827"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="greatergoodcollage.jpg"
Timing-Allow-Origin: *
Content-Length: 108948
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK mothers%2Bday%2Bgreatergood.jpg
1.bp.blogspot.com/-HQHyQ6YSOIs/VTU13D8_sDI/AAAAAAAAKCo/cEFZz7_etRA/s1600/ 130 KB
130 KB 26ms
20ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-HQHyQ6YSOIs/VTU13D8_sDI/AAAAAAAAKCo/cEFZz7_etRA/s1600/mothers%2Bday%2Bgreatergood.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70a268b8c61b80484f66c3f1b846a8cac2b16b3d26d81cb333992275e4657431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v282b"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mothers day greatergood.jpg"
Timing-Allow-Origin: *
Content-Length: 132972
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 12:51:36 GMT

GET
H/1.1 200
OK scentsplash.jpg
3.bp.blogspot.com/-qQGXMrSOKN4/VTAF_9iaYWI/AAAAAAAAKB4/AaT0-qnnJUY/s1600/ 309 KB
309 KB 16ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-qQGXMrSOKN4/VTAF_9iaYWI/AAAAAAAAKB4/AaT0-qnnJUY/s1600/scentsplash.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7301da263f1eeb82d977395738fc9c1969d941ae548d5e0a2ea30e2abf9881a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 4117
ETag: "v281f"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="scentsplash.jpg"
Timing-Allow-Origin: *
Content-Length: 316379
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK miracle%2Boil.jpg
2.bp.blogspot.com/-iQfPZ9CmoeI/VSg6ZT1VVBI/AAAAAAAAKA8/jom4UqxFVq4/s1600/ 196 KB
196 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-iQfPZ9CmoeI/VSg6ZT1VVBI/AAAAAAAAKA8/jom4UqxFVq4/s1600/miracle%2Boil.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

943d646e594ac17f3685f072a480b07754d72d2fb595e9b7afaf5f8e9c440ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 4117
ETag: "v2810"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="miracle oil.jpg"
Timing-Allow-Origin: *
Content-Length: 200448
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK more-for-moms-buck-facebook_zps39235c70.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
2 KB 113ms
64ms Image
image/webp 65.9.77.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/more-for-moms-buck-facebook_zps39235c70.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: 1ecf4e3f907eba818100c2ccc71baf8dd6c1bd9b0cd1772cb58a86adb946b128

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:48:46 GMT
Via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
Age: 374570
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="more-for-moms-buck-facebook_zps39235c70.webp"
Connection: keep-alive
Content-Length: 1682
X-Request-Id: 9Qkq5nKtKjmEftLSPt3Ac
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ln2ETrz1L8X3wH69FTsArV7gawoOKqqxTZvs4cC1ckXKO8YKQOKixg==
Expires: Mon, 14 Jun 2021 05:48:46 GMT

GET
H/1.1 200
OK more-for-moms-buck-contact_zps18b89e8c.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
3 KB 82ms
47ms Image
image/webp 65.9.77.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/more-for-moms-buck-contact_zps18b89e8c.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: f63b64f6e667b334b1656d61ac15b4c9f1a2d559660dd8c7ed90933916e10351

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:48:46 GMT
Via: 1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
Age: 374570
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="more-for-moms-buck-contact_zps18b89e8c.webp"
Connection: keep-alive
Content-Length: 2468
X-Request-Id: NNUC9AVOmFs9dODJdwQO3
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: mMkKNkSUMLB4onhd3G5K6f8XsTNs-8zV3PZBm8LrhBtZrf0hfH2BJg==
Expires: Mon, 14 Jun 2021 05:48:46 GMT

GET
H/1.1 200
OK more-for-moms-buck-twitter_zpsab7fd7ad.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
2 KB 86ms
52ms Image
image/webp 65.9.77.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/more-for-moms-buck-twitter_zpsab7fd7ad.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: b01bd450c0e2a1f95217c2b29b20fbcb92b46384f2019fe230c3c2325d52a530

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:48:46 GMT
Via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
Age: 374570
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="more-for-moms-buck-twitter_zpsab7fd7ad.webp"
Connection: keep-alive
Content-Length: 1628
X-Request-Id: CJs30OjVckRVewNU9BXE3
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vXNyBfJGgDXDu2KWrhcHphDfegVrZWQ-H6NhI7LwRlPWw_IZoKZfRw==
Expires: Mon, 14 Jun 2021 05:48:46 GMT

GET
H/1.1 200
OK google1_zpse0209f95.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
3 KB 129ms
108ms Image
image/webp 65.9.77.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/google1_zpse0209f95.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: 9a201d1da0b25de21554b10225d744d0c136817d1d08e79a4be09419154c06fd

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 10:16:58 GMT
Via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
Age: 95678
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="google1_zpse0209f95.webp"
Connection: keep-alive
Content-Length: 1974
X-Request-Id: _UAC4-jqKnlCb6H_i3R0v
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _RXxClmL4qDd545hFaZFxdEVR-ZbcvZpdzJmxtkF2Uo6Edt_L4Jqxw==
Expires: Thu, 17 Jun 2021 11:16:58 GMT

GET
H/1.1 200
OK pinterest1_zpsebfe4891.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
3 KB 83ms
64ms Image
image/webp 65.9.77.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/pinterest1_zpsebfe4891.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: a8905c07778a94159d7b297dbef92db645e1e28671a3014e674a2c543707751f

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 10:16:59 GMT
Via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
Age: 95677
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="pinterest1_zpsebfe4891.webp"
Connection: keep-alive
Content-Length: 2000
X-Request-Id: go0pZbvvR4k8bP0TTZx2F
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ix83hLX7SWb11brmy0HHo_bHUkcn34ORxQlUWFA-nSeDthy-_vcq4A==
Expires: Thu, 17 Jun 2021 11:16:59 GMT

GET
H3-29 200 DSC04781.JPG
3.bp.blogspot.com/-UQbh__oPviE/V783LfgvTWI/AAAAAAAAKbI/iJjLHeXwAZUPNH_irenk6VYuKZU3ee7DgCLcB/s320/ 25 KB
25 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UQbh__oPviE/V783LfgvTWI/AAAAAAAAKbI/iJjLHeXwAZUPNH_irenk6VYuKZU3ee7DgCLcB/s320/DSC04781.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f30e081789daab640b9ebfa210517f382b2d50969402b9db32e0a1642a9bc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 11:42:59 GMT
x-content-type-options: nosniff
age: 4117
content-disposition: inline;filename="DSC04781.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25618
x-xss-protection: 0
server: fife
etag: "v29b6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:55:04 GMT

GET
H/1.1 404
Not Found moreformomsbuckgiveaway.png
img155.imageshack.us/img155/5598/ 0
0 327ms
307ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img155.imageshack.us/img155/5598/moreformomsbuckgiveaway.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
33 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82bd2bae9822848102c101c9622b2795b0598baa218ad1b82c572bd3f4dda720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 18 Jun 2021 12:51:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12397068493466332129
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33373
X-XSS-Protection: 0
Expires: Fri, 18 Jun 2021 12:51:36 GMT

GET
H/1.1 404
Not Found moreformomsbuckaffiliat.png
img651.imageshack.us/img651/7589/ 0
0 324ms
303ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img651.imageshack.us/img651/7589/moreformomsbuckaffiliat.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 200
OK button1.jpg
www.momselect.com/images/ 18 KB
18 KB 409ms
184ms Image
image/jpeg 64.111.116.72
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.momselect.com/images/button1.jpg
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 64.111.116.72 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: hipleasures.com
Software: Apache /
Resource Hash: 07f5bade0660e4a3f0e5b5fe4b1bf78e1f949c9e2eeee0f37c946077c3873feb

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Last-Modified: Wed, 23 Aug 2017 13:40:27 GMT
Server: Apache
ETag: "470e-5576bdad3f840"
Vary: User-Agent
Upgrade: h2
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=100
Content-Length: 18190
Expires: Sun, 18 Jul 2021 12:51:36 GMT

GET
H/1.1 404
Not Found MBSWebButton.jpg
www.myblogspark.com/images/ 0
0 431ms
285ms Image
text/html 209.141.56.224
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.myblogspark.com/images/MBSWebButton.jpg
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 209.141.56.224 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS: b000.b000.banligo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1

403
Forbidden

USFGmemberbadge.png
www.usfamilyguide.com/graphics/
Redirect Chain

http://www.usfamilyguide.com/graphics/USFGmemberbadge.png
https://www.usfamilyguide.com/graphics/USFGmemberbadge.png

0
0

488ms
162ms

Image
text/html

143.198.246.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usfamilyguide.com/graphics/USFGmemberbadge.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.246.108 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Redirect headers

Location: https://www.usfamilyguide.com/graphics/USFGmemberbadge.png
Date: Fri, 18 Jun 2021 12:51:36 GMT
Server: Protected by COMODO WAF
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 266
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found moreformomsbuckattendin.png
img11.imageshack.us/img11/5257/ 0
0 327ms
305ms Image
text/html 38.99.77.16
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img11.imageshack.us/img11/5257/moreformomsbuckattendin.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.16 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 200
OK type_2.png
www.sverve.com/images/badges/ 40 KB
41 KB 52ms
35ms Image
image/png 2606:4700:3034::ac43:884f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sverve.com/images/badges/type_2.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 2606:4700:3034::ac43:884f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236dbce5f69fd65b3e40b0f2d2831d3c49aee5f0fb8b04f88c964d1cdaf034a6

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1017328
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 40957
cf-request-id: 0ac0c655c200004d84dd160000000001
Server: cloudflare
Etag: "d8b283c026cbb04f8413caf7ac1bf51d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S2F5PPaZUiN0Iu2k7fXvHVDZwcp7e0yvPGMyvJ6X0KbOYpk6PLL%2B3M2R%2BY%2FDrtoe9Ak4qGyzM3IsflFIRv7rPS%2FxurcRtrA3suaDE46ZDvw0l2FT8enQnbm142Ctbmmy0irMz6drckU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
CF-RAY: 6614a66939eb4d84-FRA

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js
https://ap.lijit.com/www/delivery/fpi.js

5 KB
3 KB

96ms
32ms

Script
text/javascript

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:36 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js
Content-length: 0

GET
H/1.1 404
Not Found moreformomsbuckfollower.png
img841.imageshack.us/img841/6250/ 0
0 328ms
307ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img841.imageshack.us/img841/6250/moreformomsbuckfollower.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 404
Not Found moreformomsbucksubscrib.png
img839.imageshack.us/img839/5461/ 0
0 491ms
307ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img839.imageshack.us/img839/5461/moreformomsbucksubscrib.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H3-29 200 arrow_dropdown.gif
resources.blogblog.com/img/widgets/ 141 B
162 B 7ms
6ms Image
image/gif 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/arrow_dropdown.gif

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:47:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 540243
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
expires: Sat, 19 Jun 2021 06:47:33 GMT

GET
H3-29 200 icon_feed12.png
resources.blogblog.com/img/ 500 B
521 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon_feed12.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:22:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:54:07 GMT
server: sffe
age: 498564
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500
x-xss-protection: 0
expires: Sat, 19 Jun 2021 18:22:12 GMT

GET
H3-29 200 subscribe-netvibes.png
resources.blogblog.com/img/widgets/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/subscribe-netvibes.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:26:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 12:54:26 GMT
server: sffe
age: 509127
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1445
x-xss-protection: 0
expires: Sat, 19 Jun 2021 15:26:09 GMT

GET
H3-29 200 subscribe-yahoo.png
resources.blogblog.com/img/widgets/ 580 B
601 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/subscribe-yahoo.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:26:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 509104
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 0
expires: Sat, 19 Jun 2021 15:26:32 GMT

GET
H/1.1 404
Not Found moreformomsbucksavings.png
img340.imageshack.us/img340/5907/ 0
0 326ms
305ms Image
text/html 38.99.77.16
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img340.imageshack.us/img340/5907/moreformomsbucksavings.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.16 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

8ms
6ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1673
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Fri, 02 Jul 2021 12:23:43 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK load.min.js Show response
s3.amazonaws.com/cgc-badge-v2/ 0
360 B 415ms
110ms Script
text/javascript 52.216.80.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cgc-badge-v2/load.min.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.80.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Last-Modified: Fri, 07 May 2021 06:33:05 GMT
Server: AmazonS3
x-amz-request-id: YZ5PBB7978D4E6HR
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: JsL7j/xHC8ZV7/eahF0wEhwT55qls1NEaky2jiLWKYd2v8NSCp8/mXBl+W0eEYV9RpDFyarYxqI=

GET
H/1.1 200
OK common.js Show response
s3.amazonaws.com/cgc-badge-v2/ 0
360 B 428ms
120ms Script
text/javascript 52.216.80.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cgc-badge-v2/common.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.80.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Last-Modified: Fri, 07 May 2021 06:33:05 GMT
Server: AmazonS3
x-amz-request-id: YZ5PT46G5CHANDW1
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: cpCRX1JAI1EXF1xJ0+2LdwyJNwBkBO/rIHxp2Zt9AavBXUf+yWZxyHpjr7W5CwfoRLY5+K4ZWF0=

GET
H/1.1 200
OK 3KeS6d9u263qIgvO2ypTWE4d1cR8ZkRP.js Show response
badge.clevergirlscollective.com/v2/ 0
271 B 384ms
335ms Script
application/javascript 34.209.120.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://badge.clevergirlscollective.com/v2/3KeS6d9u263qIgvO2ypTWE4d1cR8ZkRP.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 34.209.120.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-120-242.us-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Last-Modified: Sun, 06 Dec 2020 21:55:31 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fcd5353-0"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK cookienotice.js Show response
www.more4momsbuck.com/js/ 6 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.more4momsbuck.com/js/cookienotice.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.more4momsbuck.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: */*
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Cookie: __utma=70565388.1846024775.1624020696.1624020696.1624020696.1; __utmb=70565388; __utmc=70565388; __utmz=70565388.1624020696.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 Jun 2021 23:54:36 GMT
Server: sffe
Age: 4117
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Fri, 25 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
www.google.com/js/bg/ 14 KB
7 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/js/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 23:06:00 GMT
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Last-Modified: Mon, 14 Jun 2021 13:30:00 GMT
Server: sffe
X-Content-Type-Options: nosniff
Age: 308736
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6353
X-XSS-Protection: 0
Expires: Tue, 14 Jun 2022 23:06:00 GMT

GET
H/1.1 200
OK csi.js Show response
www.more4momsbuck.com/b/ 35 KB
18 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.more4momsbuck.com/b/csi.js?h=r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e5457142cd6bcb6d0f67df7d990ff83edf3df9bccd64126a5026c62c029da5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.more4momsbuck.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: */*
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Cookie: __utma=70565388.1846024775.1624020696.1624020696.1624020696.1; __utmb=70565388; __utmc=70565388; __utmz=70565388.1624020696.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
Date: Fri, 18 Jun 2021 12:51:36 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 17773
X-XSS-Protection: 1; mode=block
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1289263365-widgets.js Show response
www.blogger.com/static/v1/widgets/ 147 KB
147 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1289263365-widgets.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e185ca0df36101658cfe1ee78417ddec00b4e293295631b0be0d8428737a1421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:12:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 16:15:37 GMT
server: sffe
age: 9556
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150469
x-xss-protection: 0
expires: Sat, 18 Jun 2022 10:12:20 GMT

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias
https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias

101 KB
36 KB

14ms
14ms

Script
application/javascript

2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9c56bf40c7dc06f00f7a70e6466cb0768900ff116d108f96a8c0ea6730215b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37137
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 12:51:36 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias
Date: Fri, 18 Jun 2021 12:51:36 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 271
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 121ms
107ms Stylesheet
text/css 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3261223850769490648&zx=4cb58a9a-28e5-4325-8b90-b9fad9031f00

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 12:51:36 GMT
server: GSE
date: Fri, 18 Jun 2021 12:51:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 141 KB
49 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 05:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50591
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 05:23:48 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 54 KB
17 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 19:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17642
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 19:29:38 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:36:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 26079
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Fri, 02 Jul 2021 05:36:57 GMT

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
514 B 82ms
6ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 17:20:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:54:07 GMT
server: sffe
age: 502272
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Sat, 19 Jun 2021 17:20:24 GMT

GET
H2 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
469 B 70ms
5ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:22:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 498566
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Sat, 19 Jun 2021 18:22:10 GMT

GET
H3-29 200 navbar.g Show response
www.blogger.com/ Frame 0A2D 7 KB
3 KB 124ms
124ms Document
text/html 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efbeebb3d6450d3590ef3c5b2b8da7de82fb34aa81ccfc750bf57926888b1219

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2589
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK load.js Show response
widget-prime.rafflecopter.com/ 5 KB
3 KB 32ms
32ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/load.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/launch.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc9c0210472da908d21e73701c914e53781c4688a7f4595ef8d0189b0a5070f4

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
Server: AmazonS3
Age: 14
ETag: "b5c8176413f5bc6e3af22f14dfae3607"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Cache-Control: max-age=100, s-maxage=50
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 2161
X-Amz-Cf-Id: nG-JMap71NCTAh3wTM12T866pZWNm8UaqlMQQbKSwvjYEmgQ44a21A==

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 103ms
103ms Stylesheet
text/css 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3261223850769490648&zx=4cb58a9a-28e5-4325-8b90-b9fad9031f00

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 12:51:36 GMT
server: GSE
date: Fri, 18 Jun 2021 12:51:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:55:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 528960
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
expires: Sat, 19 Jun 2021 09:55:36 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ 233 KB
86 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8681530136578467&plah=www.more4momsbuck.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88106
x-xss-protection: 0
server: cafe
etag: 14514754445097133811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 12:51:36 GMT

GET
H/1.1 404
Not Found 53441e07e89cc826187cef35 Show response
members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/ Frame 92D3 2 KB
2 KB 502ms
151ms Document
text/html 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 08696173d80522eccf1228a3a3675c0a90f9f2f8613445224e27c57f4c106205

Request headers

Host: members.one2onenetwork.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1818
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame DA00 87 KB
20 KB 46ms
45ms Script
text/javascript 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Expires: Sat, 19 Jun 2021 12:51:36 GMT

GET
H3-29 200 s_top.png
resources.blogblog.com/img/widgets/ 335 B
356 B 20ms
6ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/s_top.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:06:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 00:56:26 GMT
server: sffe
age: 510335
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Sat, 19 Jun 2021 15:06:01 GMT

GET
H3-29 200 s_bottom.png
resources.blogblog.com/img/widgets/ 172 B
193 B 20ms
7ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/s_bottom.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:58:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 546774
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172
x-xss-protection: 0
expires: Sat, 19 Jun 2021 04:58:42 GMT

GET
H3-29

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1846024775&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20revi...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1846024775&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20rev...

35 B
55 B

6ms
5ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1846024775&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=170394146&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1846024775.1624020696.1624020696.1624020696.1%3B%2B__utmz%3D70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 21:08:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56605
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1846024775&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=170394146&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1846024775.1624020696.1624020696.1624020696.1%3B%2B__utmz%3D70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS

GET
H3-29 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 0A2D 54 KB
20 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e4c6a2963d2f1966e65304b327e435965f66c01ad2c22b9da636b770dfe1e55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ALZ9zVayBC+gFcXwYI0MOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "2f833259b70b8fc0d60c939935311197"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ALZ9zVayBC+gFcXwYI0MOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Jun 2021 12:51:36 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame DA00 159 B
550 B 37ms
36ms Script
application/x-javascript 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=177233&tid=9340f74cc35d47fc90a3c18758d70c1bab4e4b6a&mode=1&dmn=www.more4momsbuck.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cab91f3ccb1d2ad1a78811a26bd5063d5920fe7a25abad09dd4e44af9320136

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
H3-29 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 0A2D 907 B
928 B 7ms
6ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:10:46 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 549650
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Sat, 19 Jun 2021 04:10:46 GMT

GET
H3-29 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 0A2D 117 B
138 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:27:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:54:07 GMT
server: sffe
age: 527052
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sat, 19 Jun 2021 10:27:24 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame 0A2D 120 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41292
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 19:29:45 GMT

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 6068 1 KB
1 KB 31ms
30ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: YK5abn10MYJ-KBAAq9hPViYfdEj6zu0B2JYR-8AwS3_HdEgkr-UJCw==
Age: 2141707

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 12DB 1 KB
1 KB 60ms
29ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: i8K8FxW4OkSVej6in-UDMYYTodBNNsaAGDeQBf3pbsYK4aZgiVbIKg==
Age: 2141707

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 13BA 1 KB
1 KB 89ms
29ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: riUAN2_8AaM8LQDFzzL_sUkI_RK7IE0q1n5vp9zsSt-fW7uYCcyooQ==
Age: 2141707

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame B0E2 1 KB
1 KB 88ms
29ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 0bpmdueiWl0Ze17eDizLSnyA11-z_Ezk9mcFZvkOpZWh-scNRwjUmw==
Age: 2141707

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame BAE6 1 KB
1 KB 91ms
29ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: UySRK4QvG1R9Qq_sEj5QKCba_6BqTFHjdDvey6mrK-k95S4voIjEhA==
Age: 2141707

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 7560 1 KB
1 KB 91ms
29ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: N7BKsMzl_ADE38SqK_ps38aKkuUpyUAh1uVGeM1sT1nrD_rmS53pnQ==
Age: 2141707

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame C435 1 KB
1 KB 89ms
29ms Document
text/html 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 24 May 2021 17:56:30 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: TMrawYVI7tsFfRIdCEv55cFs0ybY4iQpZpCC29MCL_YWjiTHsYMgyA==
Age: 2141707

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24517
x-xss-protection: 0
pragma: public
x-fb-debug: JJN3Z8yoiu81HgMk4q2ZZBPjdwMbtzbfr4y6yi5SnngyBaaVWUeiCWjzeAuISKUjyWIJN/25LK63FiU8V1lk3Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Jun 2021 12:51:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK igpkg3.js Show response
px.owneriq.net/stas/s/ 12 KB
12 KB 109ms
37ms Script
text/javascript 104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/stas/s/igpkg3.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 25fc81b6d3f3fe8d4dd0544b4ff143abbf5d0552a39cc81f6102781bfa1f000a

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:36 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
Content-Type: text/javascript
X-Powered-By: PHP/5.3.3
Content-Length: 12359
Expires: Fri, 18 Jun 2021 12:51:36 GMT

GET
H3-29

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1616
date: Fri, 18 Jun 2021 12:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 14:24:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
661 B 104ms
37ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.more4momsbuck.com&callback=_gfp_s_&client=ca-pub-8681530136578467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8681530136578467&plah=www.more4momsbuck.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5505115211cc3a79bfe1d2093ca73eb6ea5b6422ac2d04e2138348fba8b732f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.more4momsbuck.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.more4momsbuck.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A9D 430 B
409 B 72ms
71ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8681530136578467&output=html&h=125&slotname=8212577050&adk=438307609&adf=2543627872&pi=t.ma~as.8212577050&w=125&lmt=1624019373&url=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&flash=0&host=pub-1556223355139109&wgl=1&dt=1624020696465&bpp=18&bdt=212&idt=484&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3234641007606&frm=20&pv=2&ga_vid=1846024775.1624020696&ga_sid=1624020696&ga_hid=170394146&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061335&oid=3&pvsid=2938848032133301&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=MewkltVDGP&p=http%3A//www.more4momsbuck.com&dtd=500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b78b691f5fc5d43cb3745c10a416a02e7cf624227d91677f101a331d0a5b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8681530136578467&output=html&h=125&slotname=8212577050&adk=438307609&adf=2543627872&pi=t.ma~as.8212577050&w=125&lmt=1624019373&url=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&flash=0&host=pub-1556223355139109&wgl=1&dt=1624020696465&bpp=18&bdt=212&idt=484&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=3234641007606&frm=20&pv=2&ga_vid=1846024775.1624020696&ga_sid=1624020696&ga_hid=170394146&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061335&oid=3&pvsid=2938848032133301&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=MewkltVDGP&p=http%3A//www.more4momsbuck.com&dtd=500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jun 2021 12:51:37 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 13:06:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 12:51:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:51:37 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 14ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8681530136578467&c=13&e=2570847921467975139&n=0&t=0&w=2980&x=6

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:37 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame DA00 261 B
858 B 41ms
41ms Script
application/x-javascript 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=177233&tid=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.more4momsbuck.com&time=12%3A51%3A37&fd=1&be=sf&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&orig_loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&abf=false&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: c06555e79916a3e898f2e981e1b9f34853c206982d4cc49baac76660254a7916

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 212

GET
H3-29 200 308519652912505 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/308519652912505?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9294f7f395774611fb12ac978c109269350d5ba40eab79a94dcd14d34252ff4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76101
x-xss-protection: 0
pragma: public
x-fb-debug: TNQ/jQk14aBtSHCQqRZpUzrtjCQEnZ2ie6KrMUlBsr+wOs4/VVvfyFHiusmnaQT+bs/xqWFUhAgS4ADCXqOB1g==
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 6068 221 KB
64 KB 37ms
36ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: _zlApSzOs7e0BwoKlP8lrsy_CdN2KP48MyhAV8UkCYzisHqhKeDQ3Q==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 12DB 221 KB
64 KB 34ms
34ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: hdNhxcy2XqMLUInYWseOQgraSNTg9UaTIchBJ53vCeIOH_ikiuN23g==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 6068 6 KB
7 KB 31ms
30ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: 90RiDAVDvWLoQW2Qps8ymqsf7eFpI7fw2PTg3qqJZORl6Nne0XOUew==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 12DB 6 KB
7 KB 33ms
32ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: xFVrryo_YuGhuDTGzne-6B5rnk-XZO09D9Z5rl8NApjqKXpWXnx20Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-53521312-22&cid=1846024775.1624020696&jid=1121755685&gjid=751161284&_gid=74853440.1624020697&_u=YSBCgEABCAAAAE~&z=937235891

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 12:51:37 GMT
content-type: text/plain
access-control-allow-origin: http://www.more4momsbuck.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j90&a=170394146&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%20...
https://www.google-analytics.com/collect?v=1&_v=j90&a=170394146&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%2...

35 B
55 B

6ms
6ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=170394146&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1846024775.1624020696.1624020696.1624020696.1&_utmz=70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624020697036&_u=YSBCgEABC~&jid=1121755685&gjid=751161284&cid=1846024775.1624020696&tid=UA-53521312-22&_gid=74853440.1624020697&z=2075030170

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 10:45:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7576
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j90&a=170394146&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1846024775.1624020696.1624020696.1624020696.1&_utmz=70565388.1624020696.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624020697036&_u=YSBCgEABC~&jid=1121755685&gjid=751161284&cid=1846024775.1624020696&tid=UA-53521312-22&_gid=74853440.1624020697&z=2075030170
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame 8969
Redirect Chain

https://px.owneriq.net/eps?pt=igpkg3&pid=8972&uid=Q6773070972060135765J&l=true
https://px.owneriq.net/noop?ct=text%2Fhtml

0
355 B

36ms
36ms

Document
text/html

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/igpkg3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: px.owneriq.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Length: 20
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=text%2Fhtml
Date: Fri, 18 Jun 2021 12:51:37 GMT
Connection: keep-alive

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/
Redirect Chain

https://px.owneriq.net/j/?ref=http://www.more4momsbuck.com/search/label/giveaway.%2520product%2520review&pt=igpkg3&t=f%7C%22More%25204%2520Mom%253A%2520giveaway.%2520product%2520review%22&s=ba2e
https://px.owneriq.net/noop?ct=application%2Fx-javascript

0
370 B

55ms
43ms

Script
application/x-javascript

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 20

Redirect headers

Location: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date: Fri, 18 Jun 2021 12:51:37 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 13BA 221 KB
64 KB 64ms
63ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: aMDWsWt-txz32EZVQvfgTr-a_AGaQ-KnlkPxu1YwiUc4a80Be13ElA==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame B0E2 221 KB
64 KB 35ms
34ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: niaUSl2OlA0scv3ZnVUT2HPvRZoxAJxqL2Xj7YaPklPccDxkMGgvVw==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame BAE6 221 KB
64 KB 52ms
36ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: skE4CTIO_1Fy_bqis4K9XQUGhnIrlRr-8KXQgQQTMOeiqk16UiSNsA==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame C435 221 KB
64 KB 53ms
36ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 7ka9ju8CJYumxCb4yemS8HUpCCL93FF3QqMH4lLut-g1SY6miuN-ww==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 7560 221 KB
64 KB 80ms
31ms Script
application/javascript 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 17:57:10 GMT
Content-Encoding: gzip
Age: 5770467
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: CHjkprASlx_44w1DDOMxOB6fx1HkSVbXoytWbF3G7cINXkag_C2HLQ==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK app.css
members.one2onenetwork.com/css/ Frame 92D3 439 KB
62 KB 396ms
154ms Stylesheet
text/css 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f5f5784725bb0f49547b7065c1254be074efd0052187a26e8f4e3d21cf617157

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:23 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6dcc9-5a9f39613ffdd-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK vue-material.css
members.one2onenetwork.com/css/ Frame 92D3 102 KB
15 KB 375ms
132ms Stylesheet
text/css 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/css/vue-material.css
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: edf6cc0ca66d29bb3e30ce70c436ae7d7e566f616b90f496ea1c655b73820db9

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Feb 2020 17:07:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1984e-59f4149231f71-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15528

GET
H2 200 icon
fonts.googleapis.com/ Frame 92D3 568 B
461 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://members.one2onenetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:51:37 GMT
server: ESF
date: Fri, 18 Jun 2021 12:51:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 12:51:37 GMT

GET
H/1.1 200
OK manifest.js Show response
members.one2onenetwork.com/js/ Frame 92D3 798 B
791 B 366ms
122ms Script
application/javascript 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/js/manifest.js?id=2d315777967b6001bcf1
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b5dd2c84fda954bb0def276c82c506ca5b6c4f84f063bd82e6b813c12ba90524

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:24 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "31e-5a9f396243c7b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 441

GET
H/1.1 200
OK vendor.js Show response
members.one2onenetwork.com/js/ Frame 92D3 982 KB
272 KB 391ms
146ms Script
application/javascript 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/js/vendor.js?id=ecdfa242dd01ed713553
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5b1ce55b0a878b5d76ec7e8bcc49992358fffacc7f9583b606f1c79a7f8c77c2

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:24 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "f5688-5a9f396266f08-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK app.js Show response
members.one2onenetwork.com/js/ Frame 92D3 1 MB
298 KB 389ms
145ms Script
application/javascript 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/js/app.js?id=8ebd7580d459ca368be9
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b1fe5938695f5767abd5ccebd0aef9ff5267f6b0994196a1a6a50a5532ba9303

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:24 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "118ecd-5a9f3962332d5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 13BA 6 KB
7 KB 112ms
29ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: 8QP2IeOqLJFwEBGTdlukI575QQgIqZCMwRVpb2sD-hhy1da5rZgi-A==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame B0E2 6 KB
7 KB 81ms
36ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: 4frXX_bsWCdH8YUxdMrHPH6d-cVD0JvwBrZRKT7eIt33EjtufbB7Og==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame BAE6 6 KB
7 KB 95ms
31ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: BtNPqVtVTqjvDzoO_HkypHUFPxCTk-mhoXNf-zu4qs2yUcddsedH6A==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 7560 6 KB
7 KB 104ms
29ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: qfdJatDQBuiV_LexdvXa8qkYBoPTEhAYu6v6RTTNVW6_Gaok5NlXOg==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame C435 6 KB
7 KB 112ms
34ms Image
image/gif 143.204.98.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-27.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:32:52 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 26326
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: 7-OvBGuZY21CQ6eGxufoz1uSAK27DeVJt4bNo7w84QfwN4JP42ARsQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308519652912505&ev=PageView&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&rl=&if=false&ts=1624020697092&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1624020697091.549116536&it=1624020697022&coo=false&rqm=GET

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 18 Jun 2021 12:51:37 GMT

GET
H/1.1 200
OK Cookie set beacon Show response
gslbeacon.lijit.com/ Frame 7FF2 2 KB
2 KB 123ms
41ms Document
text/html 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 91590b495555202fd8a216d206de5b716e827fcdc723486b9007b9ec714b30dd

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=9734d9c0239e39beb38dadc6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Server: nginx
Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJyrVrIwULIyNDMyNTI2MLI011EyRuVaoPGNzVD5pmh8SzTjjCDyJgZmxhYgvqERmnpLS3MMEQtkkVoAZhEgfw%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 18-Jun-2022 12:51:37 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 18-Jun-2022 12:51:37 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=9734d9c0239e39beb38dadc6;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap2ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame DA00 54 KB
6 KB 38ms
38ms Script
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=177233&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 58a24a738bc5104b6dd2399506f7698a58369a6bb57e0963f15787308551df67

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap6ams1.lijit.com/addelivery/ Frame DA00 43 B
567 B 106ms
42ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap6ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=177233&tid=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap6ams1.lijit.com/data/ Frame DA00 43 B
206 B 120ms
41ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap6ams1.lijit.com/data/fp?tid=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&zoneid=177233&starttime=1624020696545&adcfg=3&adcfg_response=469&addelivery=472&addelivery_response=556&lgfired=559&beacon=561&container=563&EOL=564&ctstart=0&elapsed_ms=564
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Server: nginx
X-Sovrn-Pod: ad_ap6ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame DA00 0
225 B 331ms
61ms Script
text/plain 104.111.233.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxdrop.lijit.com/1/d/t.dhj?dmn=more4momsbuck.com&GDPR_v2=
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-227.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Fri, 18 Jun 2021 12:51:37 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame DA00
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=9734d9c0239e39beb38dadc6&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=9734d9c0239e39beb38dadc6&gdpr=1&gdpr_consent=

95 B
426 B

26ms
26ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=9734d9c0239e39beb38dadc6&gdpr=1&gdpr_consent=

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:37 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Fri, 18 Jun 2021 12:51:37 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=9734d9c0239e39beb38dadc6&gdpr=1&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame DA00 0
344 B 392ms
35ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=&pid=51md42u&t=gif
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DA00
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=9734d9c0239e39beb38dadc6/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=9734d9c0239e39beb38dadc6/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=a8ecde08474016201e5eb917ec096b78&gdpr=1&gdpr_consent=

43 B
1 KB

34ms
34ms

Image
image/gif

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=a8ecde08474016201e5eb917ec096b78&gdpr=1&gdpr_consent=
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:38 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:38 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=a8ecde08474016201e5eb917ec096b78&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.22.176
content-length: 0
expires: 0

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame DA00 43 B
206 B 33ms
32ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&zoneid=177233&cid=18&geo=FR&all_tags=185%2C203%2C205%2C248%2C429%2C458%2C462%2C465%2C501%2C503%2C515%2C519%2C520%2C523%2C539%2C541%2C543%2C561%2C563%2C565%2C578%2C589%2C590%2C600&tss=68%2C69%2C69%2C70&fired_tags=519%2C520%2C541%2C590&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=70
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:37 GMT
Server: nginx
X-Sovrn-Pod: ad_ap6ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 7FF2 0
0 93ms
29ms Image
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7FF2
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
1 KB

101ms
34ms

Image
image/gif

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:37 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7FF2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=9734d9c0239e39beb38dadc6&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=b90860cc-96db-4100-af8b-9a65ca098063&gdpr=1&gdpr_consent=

43 B
2 KB

64ms
33ms

Image
image/gif

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=b90860cc-96db-4100-af8b-9a65ca098063&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Fri, 18 Jun 2021 12:51:31 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=b90860cc-96db-4100-af8b-9a65ca098063&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 18 Jun 2021 12:51:30 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7FF2
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

35ms
34ms

Image
image/gif

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:40 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 7FF2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

41ms
41ms

Image
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:38 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 7FF2 0
239 B 1434ms
109ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 7d24643e640b7b50906469aa87bfb2ce
Content-Type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 7FF2 43 B
146 B 1125ms
35ms Image
image/gif 52.59.81.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.81.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-81-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7FF2 0
239 B 1137ms
29ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 7FF2
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=OTczNGQ5YzAyMzllMzliZWIzOGRhZGM2&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

33ms
32ms

Image
image/gif

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame CFB0 4 KB
2 KB 1150ms
45ms Document
text/html 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_b9c5505f38ef4c3d83d5c21ce13b09b2&rand=1650&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 122b0bde4f014201a4d810009cc31f225b9f17e8b50703efd66fca419da44b62

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

date: Fri, 18 Jun 2021 12:51:38 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_4724eafe-19dd-4373-b7e9-5869db64ad21; Domain=.gumgum.com; Expires=Sat, 18-Jun-2022 12:51:38 GMT; Path=/; Secure; SameSite=None
etag: W/"0a858f09f021cdceb4ff2415390a4fec8"
timing-allow-origin: *
content-encoding: gzip

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybu1129x2DQ7fv2en

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 18 Jun 2021 12:51:37 GMT
content-type: text/plain
access-control-allow-origin: http://www.more4momsbuck.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK ProximaNova-Regular.otf
members.one2onenetwork.com/fonts/proxima-nova/ Frame 92D3 92 KB
93 KB 123ms
122ms Font
application/font-sfnt 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/fonts/proxima-nova/ProximaNova-Regular.otf
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Request headers

Origin: https://members.one2onenetwork.com
Referer: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:38 GMT
Last-Modified: Sun, 23 Feb 2020 17:07:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "171cc-59f41492a7299"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 94668

GET
H/1.1 200
OK ProximaNova-Light.otf
members.one2onenetwork.com/fonts/proxima-nova/ Frame 92D3 92 KB
92 KB 122ms
121ms Font
application/font-sfnt 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/fonts/proxima-nova/ProximaNova-Light.otf
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c

Request headers

Origin: https://members.one2onenetwork.com
Referer: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:38 GMT
Last-Modified: Sun, 23 Feb 2020 17:07:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1706c-59f41492a7299"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 94316

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=8515489837694237668

35 B
237 B

50ms
50ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=8515489837694237668
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:38 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.229:80
AN-X-Request-Uuid: 76acd01b-db7a-4d6a-b838-949f98a16ecf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=8515489837694237668
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame CFB0 43 B
145 B 37ms
36ms Image
image/gif 52.59.81.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4724eafe-19dd-4373-b7e9-5869db64ad21&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.81.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-81-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame CFB0
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4724eafe-19dd-4373-b7e9-5869db64ad21&obuid=ENC(Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DZ1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMe...
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DZ1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMe...
https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed47d6c7-d033-11eb-9e9b-15758c630106&obUid=Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI

0
308 B

96ms
96ms

Image
text/plain

64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed47d6c7-d033-11eb-9e9b-15758c630106&obUid=Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:40 GMT
Cache-Control: no-cache
X-TraceId: c5a72ab2878566e544142de9317cd404
Content-Length: 0

Redirect headers

Date: Fri, 18 Jun 2021 12:51:40 GMT
Server: nginx
Location: https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed47d6c7-d033-11eb-9e9b-15758c630106&obUid=Z1msSEcgV9Dg5AqsVPUmY6m-dEJtvc6jrYSVNeVuMeNO1cdEMvmNUHeNy-6177cI
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 51
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=d7d5fdb7-91ee-4647-8ea1-29cfff916c23

35 B
237 B

53ms
52ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=d7d5fdb7-91ee-4647-8ea1-29cfff916c23
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 18 Jun 2021 12:51:38 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=d7d5fdb7-91ee-4647-8ea1-29cfff916c23
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame CFB0 43 B
168 B 668ms
107ms Image
image/gif 54.87.192.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.192.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:51:39 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-RkzZfxpE2pf6WsaH2uC39RER_32aUU9_3Bna~A

35 B
237 B

51ms
51ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-RkzZfxpE2pf6WsaH2uC39RER_32aUU9_3Bna~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 18 Jun 2021 12:51:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-RkzZfxpE2pf6WsaH2uC39RER_32aUU9_3Bna~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=ecab22f0-d033-11eb-8039-79eb22eb5845

35 B
237 B

50ms
50ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=ecab22f0-d033-11eb-8039-79eb22eb5845
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:39 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=ecab22f0-d033-11eb-8039-79eb22eb5845
Date: Fri, 18 Jun 2021 12:51:38 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: ecab22f1-d033-11eb-8039-79eb22eb5845

GET
H2 204 services
sync.technoratimedia.com/ Frame CFB0 0
294 B 3342ms
117ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:41 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 833954809
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame CFB0 0
44 B 1320ms
101ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:39 GMT
content-length: 0
server: a

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4724eafe-19dd-4373-b7e9-5869db64ad21&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

47ms
46ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:41 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=a16bad46-5761-4396-b461-390a63ac4850

35 B
237 B

50ms
50ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=a16bad46-5761-4396-b461-390a63ac4850
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:39 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=a16bad46-5761-4396-b461-390a63ac4850
date: Fri, 18 Jun 2021 12:51:39 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4167064691
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4167064691
https://sync.1rx.io/usersync/tradedesk/edaec462-0e7a-4075-b7ba-62f27f81d0b4
https://sync.targeting.unrulymedia.com/csync/RX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003

35 B
237 B

51ms
50ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:40 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-c7cb6270-39d6-499c-8d65-2a5d81cedfc0-003
date: Fri, 18 Jun 2021 12:51:40 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXc7cb627039d6499c8d652a5d81cedfc0003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=kBlQQjkvxzRs&ev=1&pid=558355

35 B
237 B

50ms
50ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=kBlQQjkvxzRs&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:39 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=kBlQQjkvxzRs&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-k8k5m
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame CFB0
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=4376036530485904128&gdpr=1&gdpr_consent=

35 B
237 B

44ms
44ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=4376036530485904128&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:41 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=4376036530485904128&gdpr=1&gdpr_consent=
date: Fri, 18 Jun 2021 12:51:41 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame CFB0 43 B
2 KB 32ms
32ms Image
image/gif 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_4724eafe-19dd-4373-b7e9-5869db64ad21
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:51:39 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 9B42
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=6df660cc-96db-4c00-afa5-83dbe80ac600&gdpr=1&gdpr_consent=

35 B
237 B

50ms
50ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=6df660cc-96db-4c00-afa5-83dbe80ac600&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=6df660cc-96db-4c00-afa5-83dbe80ac600&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_4724eafe-19dd-4373-b7e9-5869db64ad21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 12:51:40 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 18 Jun 2021 12:51:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3759 5f8f15b master zrh-pixel-x8
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=6df660cc-96db-4c00-afa5-83dbe80ac600; domain=.mathtag.com; path=/; expires=Sat, 16-Jul-2022 12:51:39 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=6df660cc-96db-4c00-afa5-83dbe80ac600&gdpr=1&gdpr_consent=
Expires: Fri, 18 Jun 2021 12:51:30 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E65F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg
https://rtb.gumgum.com/usersync?b=atm&i=YMyW3QABp1bfEQBg&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg

35 B
237 B

50ms
50ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YMyW3QABp1bfEQBg&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YMyW3QABp1bfEQBg&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_4724eafe-19dd-4373-b7e9-5869db64ad21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 12:51:41 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YMyW3QABp1bfEQBg&gdpr=1&gdpr_consent=&_test=YMyW3QABp1bfEQBg
accept-ranges: bytes
date: Fri, 18 Jun 2021 12:51:41 GMT
via: 1.1 varnish
x-served-by: cache-hhn4026-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1624020702.677309,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame F956 170 B
188 B 74ms
38ms Document
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80NzI0ZWFmZS0xOWRkLTQzNzMtYjdlOS01ODY5ZGI2NGFkMjE=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV80NzI0ZWFmZS0xOWRkLTQzNzMtYjdlOS01ODY5ZGI2NGFkMjE=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGJv3U33VE8Ot1J-ijb2pT0FSTdRtNHlwWBlTbND1w-QbsuEcNqqSc5yNTMo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Fri, 18 Jun 2021 12:51:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6110 14 KB
5 KB 1364ms
35ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=45227
expires: Sat, 19 Jun 2021 01:25:26 GMT
date: Fri, 18 Jun 2021 12:51:39 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 84D8 0
0 3414ms
132ms Document
text/plain 208.100.17.174
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Fri, 18 Jun 2021 12:51:41 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 3375 70 B
265 B 1113ms
36ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 12:51:39 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame BC36 0
0 3244ms
53ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Fri, 18 Jun 2021 12:51:41 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E3D5
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YMyW3sCo8YQAANh1C1IAAAAA

35 B
237 B

50ms
49ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YMyW3sCo8YQAANh1C1IAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YMyW3sCo8YQAANh1C1IAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_4724eafe-19dd-4373-b7e9-5869db64ad21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 12:51:42 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Fri, 18 Jun 2021 12:51:42 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YMyW3sCo8YQAANh1C1IAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad352.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":32,"gdpr":true,"ipv4":"0.0.0.0","key":"YMyW3sCo8YQAANh1C1IAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad352"}
X-SO-Key: YMyW3sCo8YQAANh1C1IAAAAA
X-SO-IP: 82.102.18.114
X-SO-Cluster-ID: 32
X-SO-Upstream-ID: m-ad352

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C430
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1875819620689774306

35 B
237 B

50ms
50ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1875819620689774306
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1875819620689774306
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_4724eafe-19dd-4373-b7e9-5869db64ad21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 12:51:39 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 18 Jun 2021 12:51:39 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYGRgZmlpamIKAISD_88QAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 13 Jul 2022 12:51:39 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjCzsDQ3NzE2MBPiM9QNzUs1MTNwiXcv9vSW4jU0MzIxAKqwtDQ1MQUAqjH0qDQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 13 Jul 2022 12:51:39 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjCzsDQ3NzE2MBPiM9QNzUs1MTNwiXcv9vQGAJz5nawlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1875819620689774306
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F5F1
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=x2Mzl7ylyYWDbCSHXg7r&pi=gumgum&tc=1

35 B
237 B

51ms
50ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=x2Mzl7ylyYWDbCSHXg7r&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=x2Mzl7ylyYWDbCSHXg7r&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_4724eafe-19dd-4373-b7e9-5869db64ad21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 12:51:41 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 18 Jun 2021 12:51:41 GMT Fri, 18 Jun 2021 12:51:41 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=x2Mzl7ylyYWDbCSHXg7r&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 6068 70 KB
70 KB 109ms
36ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128990
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: uInN8NcmcEcGTjZeOWZFxIdkzvZCQtu_oLHpvrkTSY2RbWfU5sBwyA==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 6068 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 6068 1 KB
2 KB 125ms
32ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81856
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: mLZRB5WCx63Pj3EeDO_sh7zzaL5Ezz7mGkB-j71XDpEj6oc8sy3-LA==

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/ Frame 6068
Redirect Chain

https://graph.facebook.com/v2.2/934893306639366/picture?type=small
https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scont...

998 B
1 KB

7ms
6ms

Image
image/jpeg

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scontent-frt3-2.xx&tp=27&oh=9384f412223a74f79aa088faecd1baee&oe=60D166B8
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Fri, 18 Jun 2021 12:51:38 GMT
x-fb-trip-id: 686109401
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003995610
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 2hGEyJzkeNLVdimYmNo27HxahdM1gquqwBZBDEObAFnfvq0/yjVc8cs7/mKJZHE8L7ZMmuzZuOX5uatvRNZmGQ==
x-fb-trace-id: CRenl2ZwgAJ
date: Fri, 18 Jun 2021 12:51:38 GMT
content-type: image/jpeg
location: https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scontent-frt3-2.xx&tp=27&oh=9384f412223a74f79aa088faecd1baee&oe=60D166B8
x-fb-request-id: AGgiyBZ_AQd77DZj0rQCYCx
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.3
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 6068 246 KB
73 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

GET
H2 200 convert
www.filepicker.io/api/file/bp9pG6kRNCTlkKY72epE/ Frame 6068 265 KB
266 KB 73ms
22ms Image
image/jpeg 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.filepicker.io/api/file/bp9pG6kRNCTlkKY72epE/convert?dl=false&crop=0,0,1498,1498&quality=95&fit=scale&cache=true
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d88f84797ba2f2053b128b17102275fb455ea7ce371245de63daedf2ab5348c9

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 209088
x-cache: HIT, HIT
content-length: 271429
x-served-by: cache-bwi5179-BWI, cache-cdg20765-CDG
last-modified: Wed, 16 Jun 2021 02:46:51 GMT
x-timer: S1624020699.078958,VS0,VE2
etag: "af98db113daf902fb9d97919978711bd"
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
filestack-trace-id: 1623811609-93TLj1SDSe
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ Frame 6068 944 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee3fbd016af7ca7f3f07ea12f6ed51da7e33d0de9b8dce98c0039f5a8586c365

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 12DB 70 KB
70 KB 32ms
31ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128991
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: cjS0qHEVfm2TwzDXp-U1QV1dB7bCjMza6Rz0iMnCFxfsvad_7y65YA==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 12DB 1 KB
2 KB 29ms
29ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81856
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: gjlpzCntcqwp5xIepQJb-3AJGMqqX4yw6aNG-oXts1KNlcv_mjXq6g==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 12DB 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 12DB 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame B0E2 70 KB
70 KB 37ms
36ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128991
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: KkMcR9s6kzGkSjI3YJSAgnJY8h1RSzwuEKBbWla0ESAz43Akpi8EXA==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame B0E2 1 KB
2 KB 29ms
28ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81856
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: 4b2ttNWo2Q1n92VeamImV9uOHv53XANiN8cHfSoHZYr4Z-8_UgZEgw==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B0E2 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B0E2 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6110 0
42 B 104ms
34ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99623174&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:39 GMT
content-length: 0

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame BAE6 70 KB
70 KB 31ms
31ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128992
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: mL4uHP8ERDSqwAZD4-bIMQymYq4WT8dstnF1uwTazia0wZE9AteadQ==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame BAE6 1 KB
2 KB 30ms
29ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81857
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: pW5rtOCRUAUu2YDqft23BuhTPkf6tpfJlhxJwRh5Pfq-kUxtBVlYlg==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame BAE6 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H3-29

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/ Frame BAE6
Redirect Chain

https://graph.facebook.com/v2.2/697885777/picture?type=small
https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scont...

998 B
1 KB

6ms
6ms

Image
image/jpeg

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scontent-frt3-2.xx&tp=27&oh=9384f412223a74f79aa088faecd1baee&oe=60D166B8
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Fri, 18 Jun 2021 12:51:40 GMT
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
content-length: 998
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003995610
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: UDRGm0c76v6/VnppQSsZlOCdvDEGTq352gNBTqV9d1qXL5A5yj3QE5O3e0QllfD7LSwJes7IhIiJs+3tqs595w==
x-fb-trace-id: F3LYbfzIOP7
date: Fri, 18 Jun 2021 12:51:40 GMT
content-type: image/jpeg
location: https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=svcUE5AQsZkAX-kvpDK&_nc_ht=scontent-frt3-2.xx&tp=27&oh=9384f412223a74f79aa088faecd1baee&oe=60D166B8
x-fb-request-id: A9WTXve51THuspJkpHagz9x
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.3
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame BAE6 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 7560 70 KB
70 KB 31ms
30ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128992
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: k-hA9FqUP25ykhxAEIgX_eCHdMU4OCVcMqbuZ88xzvc9bUWntN7-ow==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 7560 1 KB
2 KB 29ms
29ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81857
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: RY8k9tzM_8tTwvWXijVe6dSHAU3sS4UskpYlamWJolj3MH9unko3Ew==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 7560 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 7560 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 13BA 70 KB
70 KB 31ms
30ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128993
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: kb1GoU5TUvgDsk8Zvft1ePvPFWH6PKHpl7hpmcy2H5c-IRTKOXXvMg==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 13BA 1 KB
2 KB 29ms
29ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81858
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: QuW4_ICL-W43TKYDjIJEfCMu8E_BOBU8DIzDDXP2p4Ls8__fo5WyBg==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 13BA 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 13BA 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

POST
H/1.1 200
OK csi.do Show response
www.more4momsbuck.com/b/ 17 B
890 B 109ms
108ms XHR
text/html 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.more4momsbuck.com/b/csi.do

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/b/csi.js?h=r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

affa9c21e19bbab1871ef174f8ff889b3a1603c2efd588e774bfa715bcdfea25

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://www.more4momsbuck.com
Accept-Encoding: gzip, deflate
Host: www.more4momsbuck.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Cookie: __utma=70565388.1846024775.1624020696.1624020696.1624020696.1; __utmb=70565388; __utmc=70565388; __utmz=70565388.1624020696.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); _ga=GA1.2.1846024775.1624020696; _gid=GA1.2.74853440.1624020697; _gat_cbias1=1; _fbp=fb.1.1624020697091.549116536; __gads=ID=6040fd9fbff0d362-228befeb06c9001a:T=1624020697:RT=1624020697:S=ALNI_MZ1ouM9aQEm_FIXrOGiaKT1EMTs7A
Connection: keep-alive
Content-Length: 1171
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
Date: Fri, 18 Jun 2021 12:51:42 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 37
X-XSS-Protection: 1; mode=block
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame C435 70 KB
70 KB 31ms
30ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 01:01:47 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 128994
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 71559
X-Amz-Cf-Id: 8xwsPujEuM9T2j_yOF5A7T2pP800SsuFyFXMMBY2-zecNrSA_i4RXQ==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame C435 1 KB
2 KB 29ms
28ms Image
image/png 13.225.84.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 14:07:24 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 81859
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: NxAlPCsFvF4TUw53wwVYx529OQ6sGJaU9_OxVGLesPvG4Kq934dvbA==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C435 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lDpaBt244BU24x/nRKM+Iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fzyJq6KO87KfPdqf2wvRCWaqRBXsiQXIRWseD2qecQ5z8/P+Ls9fOaU0G4a/cRdMzD4tsdTtOzHw9LErBLYVTg==
x-fb-content-md5: 50031c94f0ce1dd54e8a6ce615c46bb0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "84b1c23298ba0315e8c50f3288055d8e"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 12:57:17 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C435 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f0104e0da8f4777ee62a96e6051c5518&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3dZlJ+Bm5iJ5KHZ2LiNMig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74488
x-fb-rlafr: 0
x-fb-debug: Nq95EpLF1QNCLZhaEjyahxRVdpue2/TZx6ILeHFPGca2G1U8Tg3ZeLtMLGYGj9qUW4ivrcPadIglTmCQj25cJA==
x-fb-content-md5: e217d78bbac8e928dc5b266d4fe47196
x-frame-options: DENY
date: Fri, 18 Jun 2021 12:51:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "69a7cc488af187ba24f3e7c136d0e787"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 11:33:45 GMT

GET
H3-29 200 1050234869-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/1050234869-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1289263365-widgets.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 00:56:26 GMT
server: sffe
age: 527028
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6542
x-xss-protection: 0
expires: Sun, 12 Jun 2022 10:27:54 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 29ms
27ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43432c4322859461ca9d322bb7d524af96037dcb201a33aabe348bf163055258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 12:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7829
x-xss-protection: 0

GET
H3-29 200 2602852074-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 374 KB
374 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2602852074-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1289263365-widgets.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77d4a309d15316ebca4b04ba6bfacec9523b22732cfaebf8eb0114b213a335c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 02:34:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:55:07 GMT
server: sffe
age: 123406
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 382732
x-xss-protection: 0
expires: Fri, 17 Jun 2022 02:34:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:51:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 469E 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 18 Jun 2021 11:41:29 GMT
expires: Sat, 18 Jun 2022 11:41:29 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E44 783 B
779 B 16ms
15ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

822471a9d5f4aff12bb4fd22a235ab72c1d317ca419f4f52cbfd042f35ba12ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-08IDFyu81oMbGhIakWNiGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=217=D_a55_kGIlrD67nH_ezqq7Jb_sJ5s2XxmRdc99yqxhbujBo1fdQ9-YSfMhjrVRHbORGBDKJk_YcrNkrCqaRZEtqrcsQ5az4FSD8irx9YBXFjpGL1tVQmigb4c2FmqvuetFZ4ahKwtfEr_lKxPVeWSHrxFTe15JLMjAvXVE4IPPU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

expires: Fri, 18 Jun 2021 12:51:42 GMT
date: Fri, 18 Jun 2021 12:51:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-08IDFyu81oMbGhIakWNiGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame 469E 14 KB
6 KB 29ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 10:17:17 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 65ms
64ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=2938848032133301&bg=!zc6lzorNAAZktE7iZLQ7ACkAdvg8WpRj7BudGUjg_yfVm6PIAU59x-C_C-zE1zdmDFNmKf5MMTAZjwIAAABBUgAAAAtoAQcKANSfCFbNmanKon3ZMFDm5q5fG92V83IS-bKzCjx2jsrlq-gj0_nJ7dV4UpozWyU3emo-9NhuHapqB1ef_AmgrHO3LYYl85L8i6LGai991XAwrgPVY5Oq3Y_EntmQdnvvViLllpYAFuOToyanOQLw0WGXcbk374Eldc1a0VIU7FpR5ZR5HXWTDj4TE4G3W8XxafGzHN0Zt7r2ABQgAGw93k8w6b4fbssg8b9z6bcCrWZ8Gx03TB3f5ckNNb7S58_JGRfCNNd9EJBilHm-TG7z_hOF2UaJyJkCYq5Zeulpj4OqvUbJps5wHI3uy6FwR7QeFZN_-GTgDSVW5xuhn3yX1LI6R4yW8EoxCHv6iJEFWm_f4KQPIfSuE-wuqphtJ2QfaP8HavWk6_B1tQNL7D7qlfSFw_YJ_b2eFGuT8Ke8YI-qI1C1k3my0GTiRvl4l-QQLZsmWSQLP_AUafX_VIE4pgrwZ-CiXlgvJQgmG3vhF48tnFHRXv8EVbiV-J8YwonTkZIbY3NNQ70UniQGToSvBGCYNoeZdB3W26frGXm7yBY3hl1RdiyonSNDZglaNJgPf9DaU4vNsHLaSB2xf-ZcCvU6PsRk4hW8Cz1ONJxNROF5Gktx7LCXy4vZH0hwcW0_u6PVak5Y6DEsnNiVMe58xKp13sKtW_yl2LWelwgABuzrWODFd_Rzg0QJ5peoAL4airZdv9BQg1d79eFEr_G0PK1DiSRVF2k-2c83Su-hlLvnggPU18MSw-TxnEcau0C-NHg9vxKlILoxRslyfRdDUTQqIWHOCfFPgGLzJjN6EF6GAIB34loOkkUGYBoFIx8_lXx_X7PlJYpYg_VCZ6lgqy4lpQGJKGIkJeOu68tfsMfknoMMMil4_8DNCpYbIvgfDbIkKn7O0onulldJoSIACVvbrMnDhkTeySuKZggiviNCQQVjVAlRiphMAtP5rWIbGZnnBNO2EUZMm5KWS50N-Wi7gnlLmitySio-9FMvSRHhXCwZf-ZV8nKMLp4g9gkFcILedS7FdZ1z8ds8Y7hTYfGAfZ3oTNUIYsM2BqJKr3zi1sbs3i2TykMqSP1EPfApZJnKa8QbOewusaI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:51:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

369 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsrvr.org/	1970-01-20 03:52:36	Name: TDID Value: edaec462-0e7a-4075-b7ba-62f27f81d0b4
.ads.pubmatic.com/	1970-01-19 19:08:27	Name: KCCH Value: YES
.gumgum.com/	1970-01-20 03:52:36	Name: vst Value: e_4724eafe-19dd-4373-b7e9-5869db64ad21
.lijit.com/	1970-01-20 03:52:36	Name: _ljtrtb_3 Value: b90860cc-96db-4100-af8b-9a65ca098063
.more4momsbuck.com/	1970-01-19 19:07:02	Name: __utmb Value: 70565388
.lijit.com/	1970-01-20 03:52:36	Name: ljtrtb Value: eJwNyjESAjEIAMC%2FUJsZSAgEa6%2BwsbhT20xy4Ccc%2F2623i8UgStEZ80c4xOJzD1x0ZKmhqXaxHwKD88EF6iItP5ocXpgY2UkyUhRYxppnGgyta1puN7j%2Be6vY9v7%2FQa%2FP9NMG44%3D
.lijit.com/	1970-01-20 03:52:36	Name: _ljtrtb_36 Value: e_4724eafe-19dd-4373-b7e9-5869db64ad21
.more4momsbuck.com/	1970-01-20 12:38:12	Name: _ga Value: GA1.2.1846024775.1624020696
.lijit.com/	1970-01-20 03:52:36	Name: _ljtrtb_5001 Value: a8ecde08474016201e5eb917ec096b78
.lijit.com/	1970-01-20 03:52:36	Name: ljtrtbexp Value: eJyrVrIwULIyNDMyNTI2MLI011EyRuVaoPGNzVD5pmh8SzTjjCDyJgZmxhYgvqERmnpLS3MMEQtkkVoAZhEgfw%3D%3D
.lijit.com/	1970-01-20 03:52:36	Name: _ljtrtb_90 Value: NTV_USER_ID
.lijit.com/	1970-01-19 19:50:12	Name: ctag Value: 561:1626612697\|515:1626612697\|563:1626612697\|565:1624107097\|520:1626612697\|185:1624107097\|203:1625230297\|205:1624107097\|541:1625230297\|589:1626612697\|462:1624107097
.more4momsbuck.com/	1970-01-19 19:07:00	Name: _gat_cbias1 Value: 1
.rafflecopter.com/	1970-01-19 19:14:12	Name: raflrefer Value: 1364130031ece8f62a901e9c
.more4momsbuck.com/	1969-12-31 23:59:59	Name: __utmc Value: 70565388
.rafflecopter.com/	1970-01-19 19:14:12	Name: rta_refr Value:
.doubleclick.net/	1970-01-20 04:28:36	Name: IDE Value: AHWqTUkcGJv3U33VE8Ot1J-ijb2pT0FSTdRtNHlwWBlTbND1w-QbsuEcNqqSc5yNTMo
.lijit.com/	1970-01-20 03:52:36	Name: ljt_reader Value: 9734d9c0239e39beb38dadc6
.more4momsbuck.com/	1970-01-20 04:28:36	Name: __gads Value: ID=6040fd9fbff0d362-228befeb06c9001a:T=1624020697:RT=1624020697:S=ALNI_MZ1ouM9aQEm_FIXrOGiaKT1EMTs7A
.lijit.com/	1970-01-20 03:52:36	Name: _ljtrtb_56 Value: OPTOUT
.adsrvr.org/	1970-01-20 03:52:36	Name: TDCPM Value: CAEYBSABKAIyCwjIq_7F0ZjZORAFOAE.
.more4momsbuck.com/	1970-01-19 21:16:36	Name: _fbp Value: fb.1.1624020697091.549116536
.more4momsbuck.com/	1970-01-19 23:29:48	Name: __utmz Value: 70565388.1624020696.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.more4momsbuck.com/	1970-01-19 19:08:27	Name: _gid Value: GA1.2.74853440.1624020697
.more4momsbuck.com/	1970-01-20 12:38:12	Name: __utma Value: 70565388.1846024775.1624020696.1624020696.1624020696.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
apis.google.com
b1sync.zemanta.com
badge.clevergirlscollective.com
bcp.crwdcntrl.net
bh.contextweb.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
customizer-css.rafflecopter.com
d1bg42r4siwejx.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
graph.facebook.com
gslbeacon.lijit.com
i1353.photobucket.com
image6.pubmatic.com
img11.imageshack.us
img155.imageshack.us
img340.imageshack.us
img651.imageshack.us
img839.imageshack.us
img841.imageshack.us
is.gd
jadserve.postrelease.com
links.rafflecopter.com
match.adsrvr.org
match.deepintent.com
members.one2onenetwork.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.owneriq.net
pxdrop.lijit.com
resources.blogblog.com
rtb.gumgum.com
s3.amazonaws.com
scontent-frt3-2.xx.fbcdn.net
secure.adnxs.com
ssbsync.smartadserver.com
ssc-cms.33across.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
vap6ams1.lijit.com
widget-prime.rafflecopter.com
www.blogger.com
www.facebook.com
www.filepicker.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.momselect.com
www.more4momsbuck.com
www.myblogspark.com
www.sverve.com
www.tomoson.com
www.usfamilyguide.com
x.bidswitch.net
104.111.233.227
104.111.242.53
104.197.67.28
124.146.215.43
13.225.84.149
13.248.242.197
142.250.185.130
142.250.185.66
143.198.246.108
143.204.98.27
143.204.98.88
151.101.114.49
151.101.66.133
18.195.155.181
18.197.139.150
185.184.8.65
185.29.133.58
185.64.189.115
185.86.138.131
185.94.180.126
193.0.160.129
193.122.130.38
198.148.27.140
198.61.128.38
2.18.233.180
208.100.17.174
209.141.56.224
213.19.147.45
216.52.2.30
2606:4700:20::6819:ea35
2606:4700:3034::ac43:884f
2a00:1288:110:c305::8000
2a00:1450:4001:800::2004
2a00:1450:4001:800::2009
2a00:1450:4001:801::2013
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2009
2a00:1450:400c:c08::9d
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.27.153
34.209.120.242
34.239.198.206
34.98.64.218
35.227.248.159
37.252.173.38
38.91.45.7
38.99.77.16
38.99.77.17
52.207.161.225
52.216.80.155
52.30.14.23
52.48.175.241
52.59.81.87
52.95.116.38
54.87.192.123
64.111.116.72
64.202.112.95
65.9.77.101
69.164.195.169
69.173.144.165
72.251.249.13
8.43.72.98
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
037da4a4f8a29b36d7542c1321705165ac0a5ee2a7da72a4569bbea52933dbf5
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07f5bade0660e4a3f0e5b5fe4b1bf78e1f949c9e2eeee0f37c946077c3873feb
08696173d80522eccf1228a3a3675c0a90f9f2f8613445224e27c57f4c106205
0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
10255a28643d2fa90d8f5d718322a760315369349d54b86127babd5f481f1dbb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122b0bde4f014201a4d810009cc31f225b9f17e8b50703efd66fca419da44b62
15b78b691f5fc5d43cb3745c10a416a02e7cf624227d91677f101a331d0a5b70
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
1ecf4e3f907eba818100c2ccc71baf8dd6c1bd9b0cd1772cb58a86adb946b128
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
22879d796f880eb320552b4033f48b14d044622f0b1132dea8006e4ec4387507
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
236dbce5f69fd65b3e40b0f2d2831d3c49aee5f0fb8b04f88c964d1cdaf034a6
25fc81b6d3f3fe8d4dd0544b4ff143abbf5d0552a39cc81f6102781bfa1f000a
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6
2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e4c6a2963d2f1966e65304b327e435965f66c01ad2c22b9da636b770dfe1e55
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa
39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43432c4322859461ca9d322bb7d524af96037dcb201a33aabe348bf163055258
512f3ebe424f60dc4d784147ace0f1f236585a6e6182700dc0241dffed4008bd
534127b1049d079f727bf1aa3dc2104bfb15e142b1ef02825e94d337008d4157
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5505115211cc3a79bfe1d2093ca73eb6ea5b6422ac2d04e2138348fba8b732f7
58a24a738bc5104b6dd2399506f7698a58369a6bb57e0963f15787308551df67
5b1ce55b0a878b5d76ec7e8bcc49992358fffacc7f9583b606f1c79a7f8c77c2
608a08d270843ea76943c0344017b6ec948e45cbb67042190f4db5d4ebd35c2c
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70a268b8c61b80484f66c3f1b846a8cac2b16b3d26d81cb333992275e4657431
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7301da263f1eeb82d977395738fc9c1969d941ae548d5e0a2ea30e2abf9881a1
73474135da1c05450509885ede0ffc73df94a74a29e36faf4f92ce818bd761f6
77d4a309d15316ebca4b04ba6bfacec9523b22732cfaebf8eb0114b213a335c8
7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a
7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8
8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e
822471a9d5f4aff12bb4fd22a235ab72c1d317ca419f4f52cbfd042f35ba12ff
82bd2bae9822848102c101c9622b2795b0598baa218ad1b82c572bd3f4dda720
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a
89f45c1dc292c651416a90fbd5f3585a3be03f3ef8da8bfc6e840b93b5d441bb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3f7c911d1582b04745a69d60e851f4c10cf086eb9ff6a29e4417e217881518
91590b495555202fd8a216d206de5b716e827fcdc723486b9007b9ec714b30dd
91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
943d646e594ac17f3685f072a480b07754d72d2fb595e9b7afaf5f8e9c440ed2
9a201d1da0b25de21554b10225d744d0c136817d1d08e79a4be09419154c06fd
9cab91f3ccb1d2ad1a78811a26bd5063d5920fe7a25abad09dd4e44af9320136
9e5457142cd6bcb6d0f67df7d990ff83edf3df9bccd64126a5026c62c029da5c
9f30e081789daab640b9ebfa210517f382b2d50969402b9db32e0a1642a9bc7e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c
a8905c07778a94159d7b297dbef92db645e1e28671a3014e674a2c543707751f
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
affa9c21e19bbab1871ef174f8ff889b3a1603c2efd588e774bfa715bcdfea25
b01bd450c0e2a1f95217c2b29b20fbcb92b46384f2019fe230c3c2325d52a530
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe5938695f5767abd5ccebd0aef9ff5267f6b0994196a1a6a50a5532ba9303
b5dd2c84fda954bb0def276c82c506ca5b6c4f84f063bd82e6b813c12ba90524
b860e937b76fda2dd6bd18f7772588562f1b6cf93b8ebb59605f0bb974be3946
b9ea211ae5e16230bd91d1e79c2267c4af0644ce40bdb4e6ddd7036baf21fad0
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649
c06555e79916a3e898f2e981e1b9f34853c206982d4cc49baac76660254a7916
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
d0f13a22131fd2ed2bf9740816774446888e3f3f3aadaa1a46ebdc4ff5c0c199
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d88f84797ba2f2053b128b17102275fb455ea7ce371245de63daedf2ab5348c9
dc9c0210472da908d21e73701c914e53781c4688a7f4595ef8d0189b0a5070f4
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca
e185ca0df36101658cfe1ee78417ddec00b4e293295631b0be0d8428737a1421
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
edf6cc0ca66d29bb3e30ce70c436ae7d7e566f616b90f496ea1c655b73820db9
ee3fbd016af7ca7f3f07ea12f6ed51da7e33d0de9b8dce98c0039f5a8586c365
efbeebb3d6450d3590ef3c5b2b8da7de82fb34aa81ccfc750bf57926888b1219
f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e
f5f5784725bb0f49547b7065c1254be074efd0052187a26e8f4e3d21cf617157
f63b64f6e667b334b1656d61ac15b4c9f1a2d559660dd8c7ed90933916e10351
f9294f7f395774611fb12ac978c109269350d5ba40eab79a94dcd14d34252ff4
f9c56bf40c7dc06f00f7a70e6466cb0768900ff116d108f96a8c0ea6730215b0

www.more4momsbuck.com Open in urlscan Pro 2a00:1450:4001:801::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

80 %HTTPS

32 %IPv6

64 Domains

86 Subdomains

60 IPs

8 Countries

5561 kBTransfer

11102 kBSize

25 Cookies

81 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.more4momsbuck.com Open in urlscan Pro
2a00:1450:4001:801::2013 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

80 %
HTTPS

32 %
IPv6

64
Domains

86
Subdomains

60
IPs

8
Countries

5561 kB
Transfer

11102 kB
Size

25
Cookies

202 HTTP transactions
1 data transactions