www.mysavings.com Open in urlscan Pro
2606:4700:3108::ac42:28d4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://p.feedblitz.com/t3/971625/282049887_/17725271_/~www.mysavings.com/link-details/social-elf-invisible-sunscreen-sp...
Effective URL:
https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Submission: On September 19 via api (September 19th 2024, 6:50:57 pm UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 55 IPs in 5 countries across 33 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3108::ac42:28d4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mysavings.com.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.

This is the only time www.mysavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.192.6.65 104.192.6.65	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2 23	2606:4700:310... 2606:4700:3108::ac42:28d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	104.16.160.145 104.16.160.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.115 3.160.150.115	16509 (AMAZON-02) (AMAZON-02)
4	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223e:1600:f:20fd:b80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	74.208.8.75 74.208.8.75	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2600:9000:275... 2600:9000:275d:1000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
6	13.224.189.98 13.224.189.98	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:8400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.157.71.119 35.157.71.119	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1 5	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	87.230.98.78 87.230.98.78	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
3	2a02:6ea0:c70... 2a02:6ea0:c700::101	60068 (CDN77 _) (CDN77 _)
1	3.161.82.127 3.161.82.127	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	34.117.62.22 34.117.62.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	34.149.155.241 34.149.155.241	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.89 13.224.189.89	16509 (AMAZON-02) (AMAZON-02)
2	87.230.98.76 87.230.98.76	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	13.32.121.126 13.32.121.126	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:7800:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	107.178.250.95 107.178.250.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 9	2600:9000:225... 2600:9000:225e:5200:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.214.163.35 35.214.163.35	15169 (GOOGLE) (GOOGLE)
1 2	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:8400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.245.31.123 18.245.31.123	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:aa51:265:7dd6:8fea	14618 (AMAZON-AES) (AMAZON-AES)
1	3.210.137.246 3.210.137.246	14618 (AMAZON-AES) (AMAZON-AES)
6	18.244.15.236 18.244.15.236	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.58 13.32.121.58	16509 (AMAZON-02) (AMAZON-02)
9	2a04:4e42::626 2a04:4e42::626	54113 (FASTLY) (FASTLY)
1	108.138.26.75 108.138.26.75	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::626	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:ba00:1b:6b7c:c940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
138	55

1 104.192.6.65 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail41.feedblitz.com

p.feedblitz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3108::ac42:28d4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.mysavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-115.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:1600:f:20fd:b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:4ad8 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.208.8.75 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail02.feedblitz.com

litags.feedblitz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:1000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.189.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-98.fra2.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.71.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-71-119.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.230.98.78 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ds87-230-98-78.dedicated.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::101 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-127.fra56.r.cloudfront.net

c.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.62.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.62.117.34.bc.googleusercontent.com

raptive.solutions.cdn.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.155.241 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 241.155.149.34.bc.googleusercontent.com

raptive-auth.cloud.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
raptive-tests.cloud.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-89.fra2.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.230.98.76 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5050018.psmanaged.com

c.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-126.fra60.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:7800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.250.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.250.178.107.bc.googleusercontent.com

ads.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:225e:5200:1:a3fa:7cc0:93a1 (United States) 6 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.163.35 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 35.163.214.35.bc.googleusercontent.com

gpsb-reims.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:8400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-123.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:aa51:265:7dd6:8fea (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.137.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-137-246.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.244.15.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-15-236.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-58.fra60.r.cloudfront.net

context.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-75.fra56.r.cloudfront.net

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:ba00:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)

prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	mysavings.com 2 redirects www.mysavings.com	657 KB
10	jwplayer.com 6 redirects cdn.jwplayer.com — Cisco Umbrella Rank: 2590 entitlements.jwplayer.com — Cisco Umbrella Rank: 2323	7 KB
9	amazon-adsystem.com c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 5447 c.amazon-adsystem.com — Cisco Umbrella Rank: 356 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 667 aax.amazon-adsystem.com — Cisco Umbrella Rank: 466	81 KB
9	google.com cse.google.com — Cisco Umbrella Rank: 3192 region1.analytics.google.com — Cisco Umbrella Rank: 4054 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 494	164 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 162	224 KB
8	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5020 buttons-config.sharethis.com — Cisco Umbrella Rank: 5566 l.sharethis.com — Cisco Umbrella Rank: 5316 count-server.sharethis.com — Cisco Umbrella Rank: 12668 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10702	51 KB
7	adthrive.com ads.adthrive.com — Cisco Umbrella Rank: 6684	562 KB
7	btloader.com 2 redirects btloader.com — Cisco Umbrella Rank: 869 api.btloader.com — Cisco Umbrella Rank: 1033	20 KB
6	jwpsrv.com assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4558	170 KB
6	consentmanager.net b.delivery.consentmanager.net — Cisco Umbrella Rank: 25701 cdn.consentmanager.net — Cisco Umbrella Rank: 15284 c.delivery.consentmanager.net — Cisco Umbrella Rank: 34931	127 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4855 onesignal.com — Cisco Umbrella Rank: 1583 img.onesignal.com — Cisco Umbrella Rank: 8786	115 KB
5	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2016	273 KB
5	optable.co raptive.solutions.cdn.optable.co — Cisco Umbrella Rank: 8151 raptive-auth.cloud.optable.co — Cisco Umbrella Rank: 7576 raptive-tests.cloud.optable.co — Cisco Umbrella Rank: 7601 ads.optable.co — Cisco Umbrella Rank: 7872	24 KB
5	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 106	3 KB
5	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 153 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213	182 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	155 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3998 rp.liadm.com — Cisco Umbrella Rank: 964 rp4.liadm.com — Cisco Umbrella Rank: 5572	45 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 506	145 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1700	173 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 194	4 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 907	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	181 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 808	32 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3276	42 KB
2	feedblitz.com 2 redirects p.feedblitz.com — Cisco Umbrella Rank: 155172 litags.feedblitz.com — Cisco Umbrella Rank: 249947	1 KB
1	jwpltx.com prd.jwpltx.com — Cisco Umbrella Rank: 2169	202 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 368	17 KB
1	iris.tv context.iris.tv — Cisco Umbrella Rank: 16870	885 B
1	jwplatform.com content.jwplatform.com — Cisco Umbrella Rank: 5175	43 KB
1	criteo.com gpsb-reims.criteo.com — Cisco Umbrella Rank: 9037
1	google.de www.google.de — Cisco Umbrella Rank: 10137	63 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	7 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 19996	1 KB
138	33

	Domain	Requested by
23	www.mysavings.com	2 redirects www.mysavings.com
9	cdn.jwplayer.com	6 redirects ads.adthrive.com content.jwplatform.com ssl.p.jwpcdn.com
7	ads.adthrive.com	www.mysavings.com ads.adthrive.com
6	assets-jpcust.jwpsrv.com	www.mysavings.com
6	aax.amazon-adsystem.com	c.aps.amazon-adsystem.com
6	pagead2.googlesyndication.com	www.mysavings.com pagead2.googlesyndication.com imasdk.googleapis.com
5	ssl.p.jwpcdn.com	content.jwplatform.com
5	www.google.com	cse.google.com www.google.com www.mysavings.com
5	www.facebook.com	1 redirects connect.facebook.net www.mysavings.com
5	btloader.com	2 redirects www.mysavings.com btloader.com
4	platform-cdn.sharethis.com	www.mysavings.com
4	connect.facebook.net	www.mysavings.com connect.facebook.net
3	securepubads.g.doubleclick.net	ads.adthrive.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	cdn.consentmanager.net	ads.adthrive.com b.delivery.consentmanager.net www.mysavings.com
3	onesignal.com	cdn.onesignal.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	imasdk.googleapis.com	content.jwplatform.com imasdk.googleapis.com
2	cdn.confiant-integrations.net	ads.adthrive.com cdn.confiant-integrations.net
2	sb.scorecardresearch.com	1 redirects www.mysavings.com
2	c.delivery.consentmanager.net	www.mysavings.com
2	raptive-auth.cloud.optable.co	raptive.solutions.cdn.optable.co
2	api.btloader.com	btloader.com
2	ad-delivery.net	www.mysavings.com
2	cse.google.com	www.mysavings.com www.google.com
2	www.googletagmanager.com	www.mysavings.com www.googletagmanager.com
2	cdn.onesignal.com	www.mysavings.com cdn.onesignal.com
2	code.jquery.com	www.mysavings.com
2	stackpath.bootstrapcdn.com	www.mysavings.com
1	prd.jwpltx.com
1	s0.2mdn.net	imasdk.googleapis.com
1	entitlements.jwplayer.com	content.jwplatform.com
1	img.onesignal.com	www.mysavings.com
1	context.iris.tv	ads.adthrive.com
1	rp4.liadm.com	www.mysavings.com
1	rp.liadm.com	1 redirects
1	config.aps.amazon-adsystem.com	c.aps.amazon-adsystem.com
1	content.jwplatform.com	ads.adthrive.com
1	gpsb-reims.criteo.com	ads.adthrive.com
1	ads.optable.co	raptive.solutions.cdn.optable.co
1	count-server.sharethis.com	platform-api.sharethis.com
1	c.amazon-adsystem.com	c.aps.amazon-adsystem.com
1	raptive-tests.cloud.optable.co	raptive.solutions.cdn.optable.co
1	clients1.google.com	www.mysavings.com
1	raptive.solutions.cdn.optable.co	ads.adthrive.com
1	c.aps.amazon-adsystem.com	ads.adthrive.com
1	b.delivery.consentmanager.net	ads.adthrive.com
1	www.google.de	www.mysavings.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ad.doubleclick.net	www.mysavings.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	b-code.liadm.com	www.mysavings.com
1	litags.feedblitz.com	1 redirects
1	cdnjs.cloudflare.com	www.mysavings.com
1	cdn.ckeditor.com	www.mysavings.com
1	platform-api.sharethis.com	www.mysavings.com
1	p.feedblitz.com	1 redirects
138	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
www.feedblitz.com
www.shophermedia.com
login.shophermedia.net

Subject Issuer	Validity	Valid
mysavings.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-28` - `2024-09-26`	3 months	crt.sh
ckeditor.com Amazon RSA 2048 M03	`2024-06-11` - `2025-07-10`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.adthrive.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
btloader.com WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
ad-delivery.net WE1	`2024-09-12` - `2024-12-11`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
api.btloader.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
b.delivery.consentmanager.net R11	`2024-09-10` - `2024-12-09`	3 months	crt.sh
1376624012.rsc.cdn77.org E5	`2024-09-05` - `2024-12-04`	3 months	crt.sh
c.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-05-30` - `2025-06-29`	a year	crt.sh
raptive.solutions.cdn.optable.co WR3	`2024-08-26` - `2024-11-24`	3 months	crt.sh
join.ca.optable.co R11	`2024-09-12` - `2024-12-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
c.delivery.consentmanager.net R10	`2024-08-11` - `2024-11-09`	3 months	crt.sh
ads.optable.co WR3	`2024-08-09` - `2024-11-07`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
gpsb-reims.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2024-11-27`	3 months	crt.sh
confiant-integrations.net WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
iris.tv Amazon RSA 2048 M03	`2024-06-13` - `2025-07-12`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-07-02` - `2025-08-03`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
jwpltx.com Amazon RSA 2048 M03	`2024-09-11` - `2025-10-10`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Frame ID: 086FF65679E57599B00A41F640D88364
Requests: 126 HTTP requests in this frame

Frame: https://www.facebook.com/v20.0/plugins/like.php?action=like&app_id=158527920864976&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df208b122221b1ff7c%26domain%3Dwww.mysavings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mysavings.com%252Ff89a3150bdacf4899%26relation%3Dparent.parent&container_width=1058&href=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true&width=100%3F
Frame ID: 0965D21EBD12A8C09E18A42F1D96FD84
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v20.0/plugins/comments.php?app_id=158527920864976&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8cf9f4e8bbb2e809%26domain%3Dwww.mysavings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mysavings.com%252Ff89a3150bdacf4899%26relation%3Dparent.parent&container_width=1058&height=100&href=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&locale=en_US&sdk=joey&version=v20.0&width=
Frame ID: 972BB4537E11C172C10DEDF2B7E60E8F
Requests: 1 HTTP requests in this frame

Frame: https://www.mysavings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 7FF7AF204DD8887160CBAEFDDA21BA1A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Frame ID: 0FD2BA68F724D8010016EE4128757A96
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5769402196785176&output=html&h=499&slotname=5451170524&adk=2201676676&adf=1131256765&pi=t.ma~as.5451170524&w=998&abgtt=5&cr_col=4&cr_row=2&fwrn=2&lmt=1726771851&rafmt=9&format=998x499&url=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726771851160&bpp=2&bdt=258&idt=246&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=6796009973978&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=125&ady=1929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95342765%2C95339678%2C95342337&oid=2&pvsid=2844102113977785&tmod=964652342&uas=0&nvt=1&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=264
Frame ID: 3B5DC2E185EDA025340181A9ABF0848F
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/fdd08cf/html/i.html
Frame ID: 4544C653710D44B25A768E9109F2125B
Requests: 1 HTTP requests in this frame

Frame: https://ads.optable.co/ca/paapi/v1/dsp/ig/join?origin=7cb96ce5-1dbe-4b86-8a6f-e2692575c095&vid=v%3A6SD6KUOK1Ymo9RcePFMlaV
Frame ID: 5C5AB8D7B024E760510521312A78A579
Requests: 1 HTTP requests in this frame

Frame: https://gpsb-reims.criteo.com/paapi/join_ig?advertiser_id=500002_500329&ig_name=r6NnpiEx
Frame ID: CBB7A59BAED022FE294993A16455C7A9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html?gdpr=1
Frame ID: D947F3ACD8E81913B03F249CF7B66050
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 26B3ED85CEC397E4757F3B825E6A786E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1254B9A3BFD3CB83DF22F5B490F29E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Full-Size e.l.f. Invisible Sunscreen SPF 35 - Free Samples

Page URL History Show full URLs

https://p.feedblitz.com/t3/971625/282049887_/17725271_/~www.mysavings.com/link-details/social-elf-in... HTTP 302
https://www.mysavings.com/link-details/social-elf-invisible-sunscreen-spf/185652/?utm_source=feedblitz... HTTP 301
https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

138
Requests

88 %
HTTPS

42 %
IPv6

33
Domains

58
Subdomains

55
IPs

5
Countries

3502 kB
Transfer

10307 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MySavings/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mysavings/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://t.me/mysavingscom
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.feedblitz.com/tos/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.feedblitz.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.shophermedia.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://login.shophermedia.net/Welcome/LogInAndSignUp.aspx?SAFID=301430
Title: Publishers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://p.feedblitz.com/t3/971625/282049887_/17725271_/~www.mysavings.com/link-details/social-elf-invisible-sunscreen-spf/185652/?utm_source=feedblitz&utm_medium=FeedBlitzEmail&utm_campaign=Daily%20Samples%20and%20Savings&utm_content=_ HTTP 302
https://www.mysavings.com/link-details/social-elf-invisible-sunscreen-spf/185652/?utm_source=feedblitz&utm_medium=FeedBlitzEmail&utm_campaign=Daily%20Samples%20and%20Savings&utm_content=_&lctg=282049887 HTTP 301
https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com HTTP 302
https://btloader.com/tag?o=5698917485248512&domain=mysavings.com&upapi=true

Request Chain 24

https://litags.feedblitz.com/ HTTP 301
https://b-code.liadm.com/a-07fd.min.js

Request Chain 39

https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com HTTP 302
https://btloader.com/tag?o=5698917485248512&domain=mysavings.com&upapi=true

Request Chain 46

https://www.mysavings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.mysavings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

Request Chain 48

https://www.facebook.com/tr/?id=961674530618198&ev=PageView&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&rl=&if=false&ts=1726771851272&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726771851269.895205540999571048&ler=empty&cdl=API_unavailable&it=1726771851125&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1726771851125&cdl=API_unavailable&ler=empty&fbp=fb.1.1726771851269.895205540999571048&o=12318&ec=0&r=stable&v=2.9.167&sh=1200&sw=1600&ts=1726771851272&if=false&rl=&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&ev=PageView&id=961674530618198

Request Chain 94

https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js

Request Chain 101

https://rp.liadm.com/j?dtstmp=1726771852295&aid=a-07fd&se=e30&duid=2726cbe08aed--01j85sywvemdkd3cps3k7tjd18&tv=v3.1.0&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&us_privacy=1---&wpn=lc-bundle&wpv=v3.1.0&cd=.mysavings.com&c=PHRpdGxlPkZyZWUgRnVsbC1TaXplIGUubC5mLiBJbnZpc2libGUgU3Vuc2NyZWVuIFNQRiAzNSAtIEZyZWUgU2FtcGxlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkdldCBhIEZSRUUgZnVsbC1zaXplIGUubC5mLiBzdW5zY3JlZW4hIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubXlzYXZpbmdzLmNvbS9mcmVlLXNhbXBsZXMvc29jaWFsLWVsZi1pbnZpc2libGUtc3Vuc2NyZWVuLXNwZi8xODU2NTIvIj48dGl0bGU-c2VhcmNoPC90aXRsZT48aDE-PHN0cm9uZz5GcmVlIEZ1bGwtU2l6ZSBlLmwuZi4gSW52aXNpYmxlIFN1bnNjcmVlbiBTUEYgMzUhPC9zdHJvbmc-PC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1726771852295&aid=a-07fd&se=e30&duid=2726cbe08aed--01j85sywvemdkd3cps3k7tjd18&tv=v3.1.0&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&us_privacy=1---&wpn=lc-bundle&wpv=v3.1.0&cd=.mysavings.com&c=PHRpdGxlPkZyZWUgRnVsbC1TaXplIGUubC5mLiBJbnZpc2libGUgU3Vuc2NyZWVuIFNQRiAzNSAtIEZyZWUgU2FtcGxlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkdldCBhIEZSRUUgZnVsbC1zaXplIGUubC5mLiBzdW5zY3JlZW4hIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubXlzYXZpbmdzLmNvbS9mcmVlLXNhbXBsZXMvc29jaWFsLWVsZi1pbnZpc2libGUtc3Vuc2NyZWVuLXNwZi8xODU2NTIvIj48dGl0bGU-c2VhcmNoPC90aXRsZT48aDE-PHN0cm9uZz5GcmVlIEZ1bGwtU2l6ZSBlLmwuZi4gSW52aXNpYmxlIFN1bnNjcmVlbiBTUEYgMzUhPC9zdHJvbmc-PC9oMT4&i6=MmEwMDpjOTg6MmYwMDoyMDphOjo2&n3pc=true

Request Chain 119

https://cdn.jwplayer.com/strips/46J7Jm9U-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt

Request Chain 122

https://cdn.jwplayer.com/v2/media/46J7Jm9U/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-720.jpg

Request Chain 123

https://cdn.jwplayer.com/v2/media/46J7Jm9U/poster.jpg?width=640 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-640.jpg

Request Chain 124

https://cdn.jwplayer.com/strips/46J7Jm9U-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt

Request Chain 129

https://cdn.jwplayer.com/strips/46J7Jm9U-120.jpg HTTP 301
https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.jpg

Request Chain 134

https://cdn.jwplayer.com/v2/media/40wO5aRp/poster.jpg?width=120 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/4sodmtqo-120.jpg

138 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Redirect Chain

https://p.feedblitz.com/t3/971625/282049887_/17725271_/~www.mysavings.com/link-details/social-elf-invisible-sunscreen-spf/185652/?utm_source=feedblitz&utm_medium=FeedBlitzEmail&utm_campaign=Daily%2...
https://www.mysavings.com/link-details/social-elf-invisible-sunscreen-spf/185652/?utm_source=feedblitz&utm_medium=FeedBlitzEmail&utm_campaign=Daily%20Samples%20and%20Savings&utm_content=_&lctg=2820...
https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

32 KB
9 KB

160ms
160ms

Document
text/html

2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2e49e41f9966d268ace04217e1a12c1ee1717909802c3e23526a10f533cf6f32

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8c5bc3830c9fd291-FRA
content-encoding: br
content-type: text/html
date: Thu, 19 Sep 2024 18:50:50 GMT
expires: Thu, 19 Sep 2024 02:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFrB4qd9byPL7iv38BuAKcldbmIO%2B4esRJLz70UI%2BhPc48KhIr2VRP0yeZLogW%2Bn78kQWegtNccmtJRaZ3RqiCGHnaDzdBxN%2Bm6Lpm7WueUZFA2ns4lK0U0tp%2FDssfjU4%2Fx2Xs%2B0MmOGvpSnGbPd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8c5bc381f93cd291-FRA
content-type: text/html
date: Thu, 19 Sep 2024 18:50:50 GMT
expires: Thu, 19 Sep 2024 02:10:50 GMT
location: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CW7ANZmLhqBvo7IFyNEuyZKw72K05G4pRKSfm2TCHEk8SxLS5mi2tyUFwpfRHTtQpqLXm9b88x8CiY61kJ3e7UCtWaxOxauuucDYEZeezbmAtO%2BGKHW5MRodHzyU%2F6cMsuaTJrLjI3CgM2egp6Ps"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
26 KB 59ms
30ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/

Response headers

cdn-status: 200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
age: 16418621
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:50 GMT
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 12/27/2023 03:39:10
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0b2f7bb2268d62f7b6664f0dbc4ae944
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8c5bc3845e081e6c-FRA
access-control-allow-origin: *
cdn-edgestorageid: 756
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 main.css
www.mysavings.com/css/ 20 KB
5 KB 18ms
17ms Stylesheet
text/css 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/css/main.css?v=454
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3eac7ef484042aa095902f9b825934712a37a247833de999856ddfeb8650aef0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"6c7cdd2af19db1:0"
age: 3322
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2Bb0Vum8h5ZXRGCUdteFzP%2BOgk8GPK7iRgJq3idUBL9eAlnSoHVxQmv47ewIB3fjdmFMIDu4ihCmgcsVzKzxhChyPet3KsM2fX5P39a%2FZJSq3QGszRSNlY6uoUZogHpYQrKy%2B3yinkFLdCaLyw7f"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=33451
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:34 GMT
vary: Accept-Encoding
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c5bc384392bd291-FRA
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 113ms
34ms Stylesheet
text/css 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-8c85"
age: 3203345
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 63421, 11957
x-served-by: cache-lga21981-LGA, cache-mad22080-MAD
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1726771851.999523,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8323
server: nginx

GET
H2 200 fontawesome.css
www.mysavings.com/fontawesome/css/ 90 KB
18 KB 22ms
21ms Stylesheet
text/css 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/css/fontawesome.css
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec67f7502e5a30d41b042b9d517cc86fd8ac60ed7f8331284047e7b08ff7fb5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"534282b218ddd91:0"
age: 3322
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwFGJWBmxUDLZbLE1y27tjTXbVfzKGOXWrPYSPdbHSyUMuLSHNZqdZ8lqHciOLfu7JiuK77m8dvKRinDjjY7FxEiTIbQCxEoUoNUQcILjVpBSlWwGdkx%2FM%2FcYdvTanXcn4aK%2BtgFtb6QcKwflyzl"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=113421
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: text/css
last-modified: Fri, 01 Sep 2023 21:10:12 GMT
vary: Accept-Encoding
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c5bc3843936d291-FRA
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 brands.css
www.mysavings.com/fontawesome/css/ 19 KB
5 KB 20ms
19ms Stylesheet
text/css 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/css/brands.css
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d968ca24d2eed48f3bac3dfa785aa5d6c3f02c19b34600373862232783bfd93c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"d4696ab218ddd91:0"
age: 3322
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvfZR%2FlhrSm3NbhJ1SG9pildYnWaCO6EXl3%2BmxD86yZbjuElmBbfG2sGg6c3hov1oZC2C8x50DQwrCsExYnHnCtNTXq9jeYqOvsD0Vldq4tPxS5qlq8bhQ5mm2Xvp1HZbAVuvDxFsbaOh3pGLyUU"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=24006
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: text/css
last-modified: Fri, 01 Sep 2023 21:10:12 GMT
vary: Accept-Encoding
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c5bc384393cd291-FRA
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 solid.css
www.mysavings.com/fontawesome/css/ 567 B
671 B 19ms
19ms Stylesheet
text/css 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/css/solid.css
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa70f0edea273b2e091c5bada7d5b4f01a165177b5821f936c0865510408891d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"f1a495b218ddd91:0"
age: 43
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Phcg%2BLpGgg93JZQJO0gM6qj4%2B%2BqLc3yHB5ODYjiOZZK%2BCpRJtHmUeAUKYlskf5SE466WseIs1IATl%2FT4%2B7ckLxkKeOoCxUnI%2Ft%2BGQhFM7%2B0MKslN9lao5IAq6ZToguFXWeyU0uKh0eu71VtpWhBm"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=625
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: text/css
last-modified: Fri, 01 Sep 2023 21:10:12 GMT
vary: Accept-Encoding
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c5bc384393fd291-FRA
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 64ms
29ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 48
via: 1.1 google
cf-ray: 8c5bc3852deda043-FRA
expires: Sun, 22 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 45ms
7ms Script
text/javascript 3.160.150.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-115.fra60.r.cloudfront.net

Software

Resource Hash

98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=600, public
content-encoding: gzip
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age: 213
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: uRWtcjniFzU6ke-Ez_4boBPxvDkjf26a9l6zlMZj7pQILblSpQd2Xg==
edge-control: cache-maxage=60m,downstream-ttl=60m
date: Thu, 19 Sep 2024 18:47:18 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P7
x-frame-options: SAMEORIGIN

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 34ms
18ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

f731a0940866a9f92778bab6880e6a9d19fb4424f8e117abaa3183eeffc96225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/

Response headers

content-md5: 8bppUUOuhecV8bu4n25WBg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "d22df523aab9cc537243cefd3fe62ed5"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:05:48 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 5b74a244a77db5dddcbe027633cb6a6b
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: qnj4+xhAcxeP39TBma1MNDmNT4dv7vHDXB6NaPMaWGNGtYwaFwHQEv8p4tingCcUy/8+PT+wG26S6zreszuq9g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687

GET
H2 200 logo-1.png
www.mysavings.com/img/menu/ 3 KB
3 KB 34ms
30ms Image
image/webp 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/menu/logo-1.png
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 81c5aa804472f72c1277b1f38ec62c7dffa08698d1775e11779ab87680d9de88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cf-bgj: imgq:85,h2pri
etag: "a998d4c3e849d41:0"
age: 43
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXwPsAEbLnOZovAgE0Rc0yVUpzv6nBA5l2d%2BkgF2iFIPzO5ukAWUD3K3dOL%2FrGuuKvuiZo%2Bqe5MLe6Xs6bBpN8TvC%2FQ1dHR%2FNn5HD9OMCbT5%2Bs%2FT5SBGPPdORh2AjFn2NeE8l4LVYb6BbTtqK1B9"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4554
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/webp
content-disposition: inline; filename="logo-1.webp"
vary: Accept
last-modified: Tue, 11 Sep 2018 16:01:56 GMT
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c5bc384fbfbd291-FRA
accept-ranges: bytes
content-length: 2724
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 185652.webp
www.mysavings.com/img/link/large/ 19 KB
19 KB 136ms
136ms Image
image/webp 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/link/large/185652.webp
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5056ef5dc93abf192b870cb1eed5637115845eb412d300ac7b319e05e41bb515

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "5a8166f297adb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcaIT1IvrM6dJeDSovS07K5MNpZhRlqLw1dmnHzeZHbXmoLmHBtkg%2FdalqGVgLHoNH3vtzWpMa%2BuFMW0qLBBut3M4qhkm0dv9IaEc0II2sgJh1Iga8J0uGFekRDF45azi%2BdG1h1LAMIeJzKmxGJt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3843941d291-FRA
accept-ranges: bytes
content-length: 19178
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/webp
last-modified: Thu, 19 Sep 2024 13:29:26 GMT
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 thumbs_up.png
cdn.ckeditor.com/4.5.9/full-all/plugins/smiley/images/ 959 B
1 KB 51ms
11ms Image
image/png 2600:9000:223e:1600:f:20fd:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ckeditor.com/4.5.9/full-all/plugins/smiley/images/thumbs_up.png

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:1600:f:20fd:b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

26ac57c9f26ec725511c7c97a9e0e005aa46710311033eb3f5f23ba355f80cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-amz-version-id: NGckOLdo64eOWpe41inq6b8t4LyvQN17
etag: "bb6ce02a0a423ef270217de51374f107"
age: 6611431
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: pl9Ezf547Q6fRh71bKyeKCG_7pTcS1drQUQG39EkSyp8Ck7150PxaA==
date: Fri, 05 Jul 2024 06:20:21 GMT
content-type: image/png
last-modified: Wed, 29 May 2024 09:00:50 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
content-length: 959
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P4
server: AmazonS3

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 98ms
33ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0bd7770256acfac7f23a450205b21e65979922e65f10d562a008193bc01f1637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
etag: 6838303674115239602
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52326
x-xss-protection: 0
server: cafe

GET
H2 200 cnn-logo.svg
www.mysavings.com/img/brand-logos/ 659 B
640 B 20ms
20ms Image
image/svg+xml 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/brand-logos/cnn-logo.svg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c92d391cd3f5f7f462aa97d1614a6e946e3877f9c47e34c5af0aed8fcab206d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"8fecf3bfdecda1:0"
age: 1186
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdKWfbYADV2iugfD0OpuDptqk99cNdK%2Fikdn1bf6oW8KLNO0%2FNZxbZc%2Fcs1JTqevUC1PpUPy0Eab77akDY6L%2FjRdmIusV1glm8RXqlrez1Uu7a8ZvbiinnlJzOM0K%2FKtgDqreyjZmr1W98ADo5zD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3843948d291-FRA
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 21:17:33 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 consumer-affairs-logo.svg
www.mysavings.com/img/brand-logos/ 8 KB
3 KB 17ms
17ms Image
image/svg+xml 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/brand-logos/consumer-affairs-logo.svg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e905288a71864cfe41873d8947d35acc24e14701260cfb98de63ece8fd602d1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"ee8bd2bfdecda1:0"
age: 43
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1%2FwjKpY2hLNS9u0i7q1%2B4Qi3SZguNPn7Oud9XN5QKapZ6PsbVZ7K2gwMePlW72vczmEBoVS%2BPo6JYmqeDNVR2jkC0g4zEWa%2FYRuJkkrs%2FKYa0X8MfX9jhhpeggdPzci4H31IZC063N%2B9YyxpSdP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc38459ced291-FRA
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 21:17:33 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 msn-logo.svg
www.mysavings.com/img/brand-logos/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/brand-logos/msn-logo.svg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 47b36eb029f6cf9e80b1d127237f0c060688e62193f156fafb5fc23a1d51ca84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"99a5ecfdecda1:0"
age: 1185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IigYjaRyBI2VCjSoPA1JXp93Htgu1nnHxSxQ7zud9E%2B46OL4KzWYCR2uUTevMVj%2BnUNCPWdv%2FR%2FWABiKtfLEGCzLwpmnw83ooX6me4TiOdc1thsA85z47PQKhoo77bI8en0y%2FRnwaxDctyhC6L60"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3847a3ad291-FRA
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 21:17:33 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 nbc-logo.svg
www.mysavings.com/img/brand-logos/ 3 KB
2 KB 17ms
17ms Image
image/svg+xml 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/brand-logos/nbc-logo.svg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 09b8b4495d2a9fdb2abd2e27fa38b1ef1b0ad15beb03187b2bff4f6ce9f51513

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"7979bfbfdecda1:0"
age: 1185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29W46OTlWjRu%2BTpLiYw68aQgZdY0%2BrVub64accYTbuQ2i1z0HnStEIH7V1uKls%2BBcC18eKWE6AgO3nGBk3JIw9%2FbVt6wI0yqWQVcBJKRymRjGbfjfGIiVTHST96CUfPnz9S8wGsHhfmKIOVXqt9n"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3849ab0d291-FRA
date: Thu, 19 Sep 2024 18:50:50 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 21:17:32 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 newsweek-logo.svg
www.mysavings.com/img/brand-logos/ 5 KB
2 KB 20ms
18ms Image
image/svg+xml 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/brand-logos/newsweek-logo.svg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7558b9eeeb5b669f38962273e76bade587ba5a6f5db75b6dca8295c4df501246

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"ad50d7bfdecda1:0"
age: 44
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qcirLLBhh0hb3uhur5BXjzDA1sS3%2B52mKNdwu5bLCL745m6zLsBQOX73MUBFZJMugB%2Fw%2BhzKvXXEyQfp2ycQdJNljtwdXFmXW8B0MOPF98GBZyIp8rURiVXS1Bf0nZVyiC5M3g2Wrs%2BouVGewH0F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc384fc02d291-FRA
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 21:17:33 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 the-washington-post-logo.svg
www.mysavings.com/img/brand-logos/ 10 KB
5 KB 38ms
37ms Image
image/svg+xml 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mysavings.com/img/brand-logos/the-washington-post-logo.svg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e8f20582bf9fc7335f30f8ba3542fd2121a682517228f5c71904362a07e8a4e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"d0c7b5bfdecda1:0"
age: 1185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JV8KrBAvF6So2eB%2FJRVolWMzbOfv0bSkxiwTMME2I2JlJcuqlxuMGE54UkH0rht8a%2BrxIGkBLJ12E3bIYYA1Am11eWGBNqtGreDO56BwHLCJ0Cmsdo1ItpZY2OgU2Qz65KSfLwJaWndxCft73A%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc384fc06d291-FRA
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Aug 2024 21:17:32 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 173ms
48ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-1111d"
age: 3833014
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 30636, 35449
x-served-by: cache-lga21982-LGA, cache-mad2200122-MAD
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1726771851.142253,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24038
server: nginx

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 65ms
29ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-520c"
age: 13518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8DPKXkqzzv28cCr4NltpV7WgbtfJS7eHX28Lf4zHYLBmvhNfMwXMQct1Nmz860NGtOljBIoljQuqUeqEE9o2Px7Hk9xvOhYn3KtkibsHzAu7PXcVLNB4Yd%2FhNreaBHZY476WBZ%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 09 Sep 2025 18:50:51 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc3852a529bce-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6646
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
16 KB 37ms
34ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/

Response headers

cdn-status: 200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67176c242e1bdc20603c878dee836df3"
age: 2119333
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/31/2023 18:58:40
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7da9f869752ff685e73075f84b91f2b7
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8c5bc384eeeb1e6c-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1048
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 script_common.js Show response
www.mysavings.com/js/ 6 KB
2 KB 35ms
30ms Script
application/javascript 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/js/script_common.js
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec3e28d43a25488eaa3a0c7b33017c0b20a2f5f72a56a8fc38b6c71221cc2e64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"f7e585f12082da1:0"
age: 3323
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VaVSEPOHuQ59ToWK95i5a%2FmGshsTfTdKiHlxntS5MhYsc3d7o1ytrsp5puzcBYJOA7ZMYZ6NEmfNwTdyQH3H4fQAzAV6m4%2FSkHvs3dp3R71EXRdd1tzuzulbfKFFMfBq0gxmSVoi6uZJ2qnpzrA"}],"group":"cf-nel","max_age":604800}
cf-polished: origSize=10382
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 21:34:56 GMT
vary: Accept-Encoding
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c5bc384fbf6d291-FRA
x-powered-by: ASP.NET
server: cloudflare

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com
https://btloader.com/tag?o=5698917485248512&domain=mysavings.com&upapi=true

56 KB
19 KB

19ms
19ms

Script
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5698917485248512&domain=mysavings.com&upapi=true
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b126fb14643f325a926ad3532c7d7426012dad8961a137c4f5a000ea3c3a6e91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "8bf4d263b73290800a93fe23b0e4507b"
age: 1848
via: 1.1 google
cf-ray: 8c5bc38579c8048b-FRA
accept-ranges: bytes
content-length: 19211
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:16:14 GMT
vary: Origin, Accept-Encoding
server: cloudflare

Redirect headers

cache-control: public, max-age=3600, must-revalidate
location: /tag?o=5698917485248512&domain=mysavings.com&upapi=true
cf-cache-status: HIT
age: 1848
via: 1.1 google
cf-ray: 8c5bc3852962048b-FRA
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2

200

a-07fd.min.js Show response
b-code.liadm.com/
Redirect Chain

https://litags.feedblitz.com/
https://b-code.liadm.com/a-07fd.min.js

127 KB
44 KB

52ms
12ms

Script
application/javascript

2600:9000:275d:1000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-07fd.min.js
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2600:9000:275d:1000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d72c19754947c05f42c35c3686995f025610a88ab9b6ab384063bb09b47ac869

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 3469
via: 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: sTuHRZ8ebu-mdJZDMrmRbuc1bdPST-EE9JMLofZ86I-LUR2xPGXdjQ==
date: Thu, 19 Sep 2024 17:53:02 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P11

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://b-code.liadm.com/a-07fd.min.js
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 248
X-XSS-Protection: 1
Date: Thu, 19 Sep 2024 18:50:50 GMT
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Frame-Options: sameorigin

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
74 KB 77ms
28ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSC2DNVS

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50b44a83a02d180f9a7c26d0a154b37ad51b27013bf65829ec84ed53a731c6d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 74978
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ads.min.js Show response
ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ 101 KB
27 KB 286ms
252ms Script
application/javascript 13.224.189.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-98.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 91cf968eb18b505da5ddaa458c1309b864ccab0aea882d8587fd488f377dd708

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
access-control-allow-methods: GET, HEAD
expires: 0
x-cache: Miss from cloudfront
x-amz-cf-id: P-jh_0T54zmcQx51wLpx0u9LEC6Iw9GqBm5UPMTkzJ_vIzFit_nE-w==
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript
vary: Accept-Encoding
adthrive-gdpr: true
adthrive-bucket: flex-69
cache-control: no-store, must-revalidate, s-maxage=28800
pragma: no-cache
adthrive-deployment: 2024-09-19-01:ade-1665:pr5322:fdd08cf:4
adthrive-commit: fdd08cf
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
server: CloudFront

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 26ms
17ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: +d4tVUL1958vAr7zceFJYvMxMR46ljkertLvSDfMH05b5u6a7ZIVe8bZH1NxrYN6tngTrJXiUS11Vw+F0iFpAA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 404 fa-brands-400.woff2
www.mysavings.com/fontawesome/webfonts/ 0
0 173ms
172ms Font
text/html 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/fontawesome/css/brands.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/fontawesome/css/brands.css

Response headers

cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVQcUkRkf5TLLkNSnO0HarwljhKb0oApHh%2Fz3VAH%2FJnMY29otqqgk%2BdcxDuABvHgP9lNHjnEy69FJ9BT3yX0oywpYjLFsjl%2Fs3XJ75k4ZWxiGiao85CJ2pZ6cz9KmU9pKRqWq27YL2XHoNyDmAfJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3853ce9d291-FRA
expires: Thu, 19 Sep 2024 02:10:51 GMT
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/html
x-powered-by: ASP.NET
vary: Accept-Encoding
server: cloudflare

GET
H2 404 fa-solid-900.woff2
www.mysavings.com/fontawesome/webfonts/ 0
0 195ms
195ms Font
text/html 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/fontawesome/css/solid.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/fontawesome/css/solid.css

Response headers

cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMjeebIGiDIZyQPSdwvlzwm55oEHsoPDnA8zMp4g05z%2F3ekY6hIT13MQhN0yo5%2B5JIpHj8i2Fndn8Fi4CranIsbwkQUKRuci3eJoTojzYwUvuwCx06juv5EegQdx%2FkWdEd4Zbgi43%2BSGfG5W4%2Bbb"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3853cedd291-FRA
expires: Thu, 19 Sep 2024 02:10:51 GMT
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/html
x-powered-by: ASP.NET
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 8ms
8ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=82a3ad038f880adf2081f8831cec8f07

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

b1165511050c82f20eb56b6126170c3049a09c6f6af7da5496d6c6703797197e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/

Response headers

content-md5: pEGGRxyG5hnv3UIDF3D4rQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "3370a60f97216241e63a530b722971d3"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 19 Sep 2025 16:38:49 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 18c75c5f8a59a5763e837ec85b8ea4fc
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=27, mss=1232, tbw=8824, tp=16, tpl=0, uplat=1, ullat=-1
x-fb-debug: 2JQq7zEmahYV4kvT0ZFzCiWI5SnSjE/3eNGZCmiT8yyOxr8TZwZ65xVnoLz2PtcVVwCakXgBIxNJSaY+CZ8r8A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 84027

GET
H2 200 5e694a2a6f59fc00122f312e.js Show response
buttons-config.sharethis.com/js/ 611 B
1 KB 541ms
397ms Script
text/javascript 2600:9000:206f:8400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5e694a2a6f59fc00122f312e.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c1e82be726a2c4201fbd8ab4bca1fdc9aa23d334be46c2bd933204c8c51b7732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: public, max-age=60
etag: "764a60761dc5914a23ebcca5559d4d34"
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 611
x-amz-cf-id: sd6ujbcAdCyrQJNjw5dRqxtzKT0WmnVuZ8AEJLaXZyB7Prt3i9zJ-g==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript
last-modified: Tue, 27 Aug 2024 02:34:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
404 B 170ms
16ms XHR
text/plain 35.157.71.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.mysavings.com&location=%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Free%20Full-Size%20e.l.f.%20Invisible%20Sunscreen%20SPF%2035%20-%20Free%20Samples&cms=sop&publisher=5e694a2a6f59fc00122f312e&sop=true&version=st_sop.js&lang=en&description=Get%20a%20FREE%20full-size%20e.l.f.%20sunscreen!&ua=&ua_mobile=false&ua_full_version_list=&uuid=34ec4b31-c832-4719-a872-cf77d66ce49e

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.71.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-71-119.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.mysavings.com
Date: Thu, 19 Sep 2024 18:50:51 GMT
Access-Control-Allow-Headers: *

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 54ms
53ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 2212
via: 1.1 google
cf-ray: 8c5bc3857e72a043-FRA
expires: Sun, 22 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H3 200 961674530618198 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 57ms
56ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/961674530618198?v=2.9.167&r=stable&domain=www.mysavings.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

301ada58813ba2aeb9eb068267a6e1f8df32023a45634e1a2dbaa80f7344d9bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=74, mss=1232, tbw=67212, tp=65, tpl=0, uplat=48, ullat=0
pragma: public
x-fb-debug: 01/Fjrf/0WrH3Z3YKpbS10VtQDwIJoDt+frAh/N2lVg/F5R9xQdC3bx/0Wg0REA+38IFCgcrfBjEch5I7BK7ZQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-51BWT046PC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSC2DNVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5072ec4cc89b11018683fa9cee39aab20f6b4cb72519506ea164698b7ae1295f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 18:50:51 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109734
date: Thu, 19 Sep 2024 18:50:51 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 416 KB
140 KB 59ms
59ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5769402196785176&plah=www.mysavings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e80db8237050c92c698e5c785e747d32e079dfd8a759bedc80e7ac81102034c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
etag: 2038295840050716062
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 142868
x-xss-protection: 0
server: cafe

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 144ms
36ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-5769402196785176:1447583447

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

49dafd224dfd66e81842a2d933b77252edc874f3ade51da703db93f311ebe1f2

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-3UfxjjNe9m73Qj9IaaIE_Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3UfxjjNe9m73Qj9IaaIE_Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3296
date: Thu, 19 Sep 2024 18:50:51 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: gws
x-frame-options: SAMEORIGIN

GET
H3 200 web Show response
onesignal.com/api/v1/sync/976a0084-4a39-40d6-9e7d-b2f700c17d45/ 4 KB
2 KB 88ms
27ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/976a0084-4a39-40d6-9e7d-b2f700c17d45/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d813c610e838425c47ff04f2db00c091f83e8817c61f4d9ed0e3062edd1a315d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-request-id: 97f9a474-9ce6-4aed-9da3-5ca0239a96d5
content-encoding: br
cf-bgj: minify
etag: W/"af2e114bed3665732bf79f67f15b0dac"
age: 3469
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:50:51 GMT
cf-polished: origSize=4579
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.030873
x-frame-options: SAMEORIGIN
access-control-allow-headers: SDK-Version
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
x-download-options: noopen
cf-ray: 8c5bc386788cd22b-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2

200

tag
btloader.com/
Redirect Chain

https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com
https://btloader.com/tag?o=5698917485248512&domain=mysavings.com&upapi=true

56 KB
38 B

21ms
20ms

Other
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5698917485248512&domain=mysavings.com&upapi=true
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b126fb14643f325a926ad3532c7d7426012dad8961a137c4f5a000ea3c3a6e91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "8bf4d263b73290800a93fe23b0e4507b"
age: 1848
via: 1.1 google
cf-ray: 8c5bc386db82048b-FRA
accept-ranges: bytes
content-length: 19211
date: Thu, 19 Sep 2024 18:50:51 GMT
last-modified: Thu, 19 Sep 2024 18:16:14 GMT
vary: Origin, Accept-Encoding
server: cloudflare
content-type: application/javascript

Redirect headers

cache-control: public, max-age=3600, must-revalidate
location: /tag?o=5698917485248512&domain=mysavings.com&upapi=true
cf-cache-status: HIT
age: 1848
via: 1.1 google
cf-ray: 8c5bc3852962048b-FRA
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 websiteconfig Show response
btloader.com/ 755 B
677 B 33ms
15ms Fetch
application/json 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/websiteconfig?bt_env=prod&o=5698917485248512&w=mysavings.com
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ba328a9faf1a69dc71ec709f371b28c856e2dec347637f1930257b033c910d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "b04595b53fd65ed6538e362038920e9c"
age: 1185
via: 1.1 google
cf-ray: 8c5bc3863e22d25a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/json
last-modified: Thu, 19 Sep 2024 18:30:44 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 px.gif
ad-delivery.net/ 43 B
920 B 82ms
25ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 2044140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfrmdIMzfuEWr1nysd0D1DSj7qejV0DybVC17Mtw%2BdfEQJiZP39AqkOvWuhsLU%2BYbXb8p1KqLbOs07MBOl1dNdIs5m%2B1J4XfW50GjV2I1TJYtDrUTrOE1lB1ZV6okZ9OKBlL9IfS%2BANOl0zn0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Tue, 27 Aug 2024 03:45:06 GMT
x-goog-stored-content-length: 43
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHxI1nM0PwkVwFEsFyRCvmKvP14OonOKTL0n9hNrY7fDdFyuB5k18dpVqPD0_Jts94wGY_aBxFqInZb8rg
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8c5bc3867b03d349-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 83ms
26ms Image
image/x-icon 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
age: 43250
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 06:50:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 06:50:01 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
349 B 82ms
25ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7249410638807665
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 2044140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNqr8m%2F%2BJ95BTLCqLLAJVUv%2B%2B4%2FKoMNgOkWFIxMIPcAfObcdjIl%2BLz6JbHPZ9DUOZPyzEM%2BZFvLyU%2Fi9miLvkRbv0EFNxcR8K7ZMGBlp9oTk8atHamAtfiPUcAuB5UIizreIhAuzq4mOqN%2FNfw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Tue, 27 Aug 2024 03:45:06 GMT
x-goog-stored-content-length: 43
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHxI1nM0PwkVwFEsFyRCvmKvP14OonOKTL0n9hNrY7fDdFyuB5k18dpVqPD0_Jts94wGY_aBxFqInZb8rg
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8c5bc3867afcd349-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2 200 like.php
www.facebook.com/v20.0/plugins/ Frame 0965 0
0 150ms
118ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v20.0/plugins/like.php?action=like&app_id=158527920864976&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df208b122221b1ff7c%26domain%3Dwww.mysavings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mysavings.com%252Ff89a3150bdacf4899%26relation%3Dparent.parent&container_width=1058&href=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true&width=100%3F

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=82a3ad038f880adf2081f8831cec8f07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Thu, 19 Sep 2024 18:50:51 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416428627742611901"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416428627742611901"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=2817, tp=-1, tpl=-1, uplat=104, ullat=0
x-fb-debug: +DXvUhNuvGeCI94j1Of18fDPjONiG8J++FicF3j/FkGZhgOELEYclzqiYvLy93rw++PHnRMp6hMN7JhEIaTUFw==
x-xss-protection: 0

GET
H2 200 comments.php
www.facebook.com/v20.0/plugins/ Frame 972B 0
0 148ms
119ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v20.0/plugins/comments.php?app_id=158527920864976&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8cf9f4e8bbb2e809%26domain%3Dwww.mysavings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mysavings.com%252Ff89a3150bdacf4899%26relation%3Dparent.parent&container_width=1058&height=100&href=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&locale=en_US&sdk=joey&version=v20.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=82a3ad038f880adf2081f8831cec8f07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Thu, 19 Sep 2024 18:50:51 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416428628097743853"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416428628097743853"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=5025, tp=-1, tpl=-1, uplat=104, ullat=0
x-fb-debug: UHpTVO/jOzf96+G/VmTcMFE9/RjNLtlXL/KT3X2GuPR3sWWkGvbENI3CvaJ1HigLNMXBAXGHmV0ioosaUvZIqg==
x-frame-options: DENY
x-xss-protection: 0

GET
H2

200

main.js Show response
www.mysavings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 7FF7
Redirect Chain

https://www.mysavings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.mysavings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

15ms
14ms

Script
application/javascript

2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mysavings.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Server

2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab97d7ae9c9a1a80b3624f1d08029457444e5affd94ed65871a04b4ffb81bcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2Fx%2BTBV8McQQwSbbErK84gz1xS4G9CeUPReZnALyLNdLJRaAnKpmjzej700GpH8Mr06qcclOJ0OChxGwvqpMGCj3GmcAMwRyiGdO%2BkbkeRFaumUChf2Ul8sYGN2uiA73Pj2mS%2Br6thdrAM2O5KEH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c5bc386dafdd291-FRA
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HvB3B2H1iRpRZPT%2Fad7IfeRgFHfFtn8JWU319f65%2FeuOH6IOCMFR69X8eqJ2yfD%2BZ18M9tcnyGhj3FT%2Bmq60HKtza9UhyHqUPwNmnwRHVqX2VBZ70cNJYILpDujScXFksaGJ%2BCttuCPsHZH8DpY"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc38638d1d291-FRA
access-control-allow-origin: *
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fa-brands-400.ttf
www.mysavings.com/fontawesome/webfonts/ 185 KB
186 KB 23ms
22ms Font
application/octet-stream 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/webfonts/fa-brands-400.ttf
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/fontawesome/css/brands.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 003f11541856a649a6c8235c6266c8936224c5d609e51442da24dc5556d14fbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/fontawesome/css/brands.css

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "d86fab218ddd91:0"
age: 3322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0fx0DCG24vrjhR1lpWg3Wx3d84dEIRRWIHPvWYTzyqxzh4tyjLH1X7AT2b8TJzTh3kcrI3C02DJtcM1TSWzm2iA1LjgRm2hadfdWwCYcsZetEBFyMd8r4FBXJ6X7XkOp7vDmws1qGVKZhGZ4pmj"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3865925d291-FRA
accept-ranges: bytes
content-length: 189684
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/octet-stream
last-modified: Fri, 01 Sep 2023 21:10:13 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=961674530618198&ev=PageView&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&rl=&if=false&ts=1726771851272&sw=1600&...
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1726771851125&cdl=API_unavailable&ler=empty&fbp=fb.1.1726771851269.895205540999571048&o=12318&ec=0&r=stable&v=2.9.167&sh=1200&sw=1600&ts...

0
129 B

10ms
8ms

Image
text/plain

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1726771851125&cdl=API_unavailable&ler=empty&fbp=fb.1.1726771851269.895205540999571048&o=12318&ec=0&r=stable&v=2.9.167&sh=1200&sw=1600&ts=1726771851272&if=false&rl=&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&ev=PageView&id=961674530618198

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=12, mss=1297, tbw=3410, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/plain
server: proxygen-bolt

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
location: /tr/?redirect=0&rqm=GET&coo=false&it=1726771851125&cdl=API_unavailable&ler=empty&fbp=fb.1.1726771851269.895205540999571048&o=12318&ec=0&r=stable&v=2.9.167&sh=1200&sw=1600&ts=1726771851272&if=false&rl=&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&ev=PageView&id=961674530618198
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1297, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 187ms
159ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=961674530618198&ev=PageView&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&rl=&if=false&ts=1726771851272&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726771851269.895205540999571048&ler=empty&cdl=API_unavailable&it=1726771851125&coo=false&rqm=FGET

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416428628652981144"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: rS2RfrgBfV/LksI9k2yZ5ae1biGMtj6RDqiIewtQXMx0qCH8/pXc+S0sp4UMbivz49aUdrjWti3I4J+FxBvuMg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416428628652981144", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=12, mss=1297, tbw=3583, tp=-1, tpl=-1, uplat=145, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 fa-solid-900.ttf
www.mysavings.com/fontawesome/webfonts/ 385 KB
386 KB 25ms
24ms Font
application/octet-stream 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/fontawesome/webfonts/fa-solid-900.ttf
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/fontawesome/css/solid.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cea79b345caf49d6223098b8a2b04d70273e8d7c6b9e3d03cf7f7a267793e9aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.mysavings.com
Referer: https://www.mysavings.com/fontawesome/css/solid.css

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "866130b318ddd91:0"
age: 3322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGqR7YEm11HTipNDG8mHFRNAXPfWyhsUbbnqXv07P%2FQqQC%2B0sHrUsyYZVuSbTAP88bj0X%2B5IDG1SicZ6SyZrETVtJryDPbK7ypsZ%2BbqzDr%2FhsVfP%2BC9fyB7Q5mjVqcIX6RMVatpwXb7K%2BLWK1331"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc38689ebd291-FRA
accept-ranges: bytes
content-length: 394668
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/octet-stream
last-modified: Fri, 01 Sep 2023 21:10:13 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 71ms
22ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-51BWT046PC&gtm=45je49h0v9117655950z89194169091za200zb9194169091&_p=1726771851020&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=764802208.1726771851&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726771851&sct=1&seg=0&dl=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&dt=Free%20Full-Size%20e.l.f.%20Invisible%20Sunscreen%20SPF%2035%20-%20Free%20Samples&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1876
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-51BWT046PC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mysavings.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 70ms
21ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-51BWT046PC&cid=764802208.1726771851&gtm=45je49h0v9117655950z89194169091za200zb9194169091&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-51BWT046PC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mysavings.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 211ms
165ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-51BWT046PC&cid=764802208.1726771851&gtm=45je49h0v9117655950z89194169091za200zb9194169091&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=865027386

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 18:50:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 170ms
129ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5698917485248512
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/json
vary: Origin

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240916/r20110914/ Frame 0FD2 0
0 47ms
19ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5769402196785176&plah=www.mysavings.com

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 82982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4126
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 19:47:49 GMT
etag: 14908419571193397619
expires: Wed, 02 Oct 2024 19:47:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 3B5D 0
0 527ms
508ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5769402196785176&output=html&h=499&slotname=5451170524&adk=2201676676&adf=1131256765&pi=t.ma~as.5451170524&w=998&abgtt=5&cr_col=4&cr_row=2&fwrn=2&lmt=1726771851&rafmt=9&format=998x499&url=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726771851160&bpp=2&bdt=258&idt=246&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=6796009973978&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=125&ady=1929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95342765%2C95339678%2C95342337&oid=2&pvsid=2844102113977785&tmod=964652342&uas=0&nvt=1&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=264

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 18:50:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/8fa85d58e016b414/ 286 KB
94 KB 88ms
54ms Script
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5769402196785176:1447583447

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

sffe /

Resource Hash

d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 12 Jun 2024 21:33:21 GMT
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 95840
x-xss-protection: 0
server: sffe

GET
H3 200 default+en.css
www.google.com/cse/static/element/8fa85d58e016b414/ 41 KB
9 KB 56ms
23ms Stylesheet
text/css 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5769402196785176:1447583447

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 12 Jun 2024 21:33:21 GMT
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 9068
x-xss-protection: 0
server: sffe

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 50ms
16ms Stylesheet
text/css 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-5769402196785176:1447583447

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
age: 1243
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:20:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:30:08 GMT
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 1345
x-xss-protection: 0
server: sffe

GET
H2 200 cmp.php Show response
b.delivery.consentmanager.net/delivery/ 5 KB
3 KB 86ms
45ms Script
text/javascript 87.230.98.78
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=cf7510ba3149d&h=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&&__cmpfcc=1&l=en&ls=EN_EN_DE&lp=EN_FR&o=1726771851434

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ds87-230-98-78.dedicated.psmanaged.com

Software

Resource Hash

e734e1e5c632eee2d001d3db86a0d3877abba6290ffe925841444d2003019924

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
date: Thu, 19 Sep 2024 18:50:51 GMT
edge-control: no-store, no-cache, must-revalidate
last-modified: Thu, 19 Sep 2024 18:50:51 GMT
x-xss-protection: 0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 cmp_final.min.js Show response
cdn.consentmanager.net/delivery/js/ 440 KB
96 KB 73ms
16ms Script
application/javascript 2a02:6ea0:c700::101
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_final.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 44356122b0915edd27f981063bccdccd709656abd3181959cdb86af445111d23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: W/"6e1ea-622560e607c00"
x-77-cache: HIT
expires: Wed, 18 Sep 2024 20:05:48 GMT
x-cache: HIT
x-age: 81898
date: Thu, 19 Sep 2024 18:50:51 GMT
edge-control: max-age=86400
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 19:54:24 GMT
x-77-nzt-ray: 0d1fa518ce0b6cbc8b72ec664c97841d
vary: Accept-Encoding
x-77-nzt: EgwBJRPCTwH36j8BAAwBJRPCNAW1AAAAAA
cache-control: max-age=86400
x-77-pop: frankfurtDE
x-accel-date-max: 1726603548
x-77-age: 81898
x-accel-date: 1726689953
server: CDN77-Turbo
x-accel-expires: @1726776353

GET
H2 200 marmalade Show response
ads.adthrive.com/api/v1/ 5 KB
2 KB 729ms
711ms Fetch
application/json 13.224.189.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v1/marmalade?siteid=5613da4c5ed284b838a5d9d7&url=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-98.fra2.r.cloudfront.net
Software: /
Resource Hash: 838ef0cfa9936fb2d9c7510083e541ec786f56f855a0f3283706495e819ab666

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: max-age=3600, s-maxage=3600
content-encoding: br
x-amz-apigw-id: eXbV4FyioAMEHkw=
x-amzn-trace-id: Root=1-66ec728b-285215a22fd4af1f20395b06;Parent=400c1a8be19f076a;Sampled=0;Lineage=1:e948d84a:0
access-control-allow-methods: GET
x-amzn-requestid: eaf634d7-c12e-4422-bf8c-91ed916438ff
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: sCJAGbooOMI405Q1ipliruEHNG3OPTvlb1sJBhjVWVDYDSriAX7WeQ==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: application/json
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C1

GET
H2 200 apstag.js Show response
c.aps.amazon-adsystem.com/ 336 KB
74 KB 70ms
14ms Script
application/javascript 3.161.82.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aps.amazon-adsystem.com/apstag.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-127.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56405c402c58ad8bf46649f63e24ca5a60de0e94581ff9aa40b46ee039abd673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
x-amz-version-id: RrOtfG5OEzJZ63i85aDRHuDr7yqmiOe2
etag: W/"f8cbd90fe391058e0f731cf71fce8927"
age: 367
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gDfKf8vuVFFL1pvZR-G8swlcmhVxnvsc3NhmTCMAeHaGFw32WFViXg==
date: Thu, 19 Sep 2024 18:44:45 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
last-modified: Fri, 13 Sep 2024 02:26:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
32 KB 109ms
60ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7d1dddfe98f3efe4c9a8c5850633c84fa8a7d289bde28b30d33b98b87270c8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
etag: 909 / 19985 / m202409160104 / config-hash: 11398383833200361203
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32976
x-xss-protection: 0
server: cafe

GET
H2 200 prebid.min.js Show response
ads.adthrive.com/builds/core/fdd08cf/gdpr/vendor/prebid/es2018/ 657 KB
175 KB 13ms
12ms Script
text/javascript 13.224.189.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/fdd08cf/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-98.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26b8f5680df8c6ab979154885014a5872182283bc267ba2ea77f18072b2a8cbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=86400
content-encoding: br
x-amz-version-id: BeFuNLduvZdZRiXB9Py_FtoXB0nc3k0B
etag: W/"9d21cca965eb47a352f21a1903348877"
age: 879
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: jk1ayBYikKGFs8KTAcs_JLGNOU2HzQ5RhU_ppwv26WtCTz3vttxV5Q==
date: Thu, 19 Sep 2024 18:36:15 GMT
content-type: text/javascript
last-modified: Thu, 19 Sep 2024 15:41:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256

GET
H2 200 raptive-sdk.js Show response
raptive.solutions.cdn.optable.co/public-assets/ 22 KB
22 KB 75ms
16ms Script
text/javascript 34.117.62.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.62.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

22.62.117.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ea2a0a70897b8fff3df0cbd90408da4a590c4295e22387ea6cc467655d37db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=Bt04eA==, md5=8yBaDYd4YBhgjVvNMk2cfw==
etag: "f3205a0d87786018608d5bcd324d9c7f"
age: 1594
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22145
date: Thu, 19 Sep 2024 18:24:17 GMT
last-modified: Fri, 30 Aug 2024 15:07:22 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljtNCRsHL78DmcDFokiFm334Iqx40ex6sBlU-mb1Kg-8X7e3aeVY4aBGvSSE-9aVCSeDj0s
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=86400,no-transform
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1725030442103461
content-length: 22145
server: UploadServer

GET
H2 200 5613da4c5ed284b838a5d9d7 Show response
ads.adthrive.com/api/v2/raptiveFloors/ 42 KB
6 KB 50ms
33ms XHR
application/json 13.224.189.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v2/raptiveFloors/5613da4c5ed284b838a5d9d7
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-98.fra2.r.cloudfront.net
Software: /
Resource Hash: 5c2a7e772d19e26c4ddc5db187fde5eca389a0798d5945d6f232e0de6d5209b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
x-amz-apigw-id: eXaVsHH9IAMEAWg=
age: 410
x-amzn-trace-id: Root=1-66ec70f0-09a976670e9a212825d24323;Parent=7746692d80a6fae6;Sampled=0;Lineage=1:e7e36c41:0
access-control-allow-methods: GET
x-amzn-requestid: e93a2532-ecca-43c7-ba5b-cc5cc321975b
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: AokwWCZdxyAKbvO8Bg1cVRDSIKCBSPLXq8z4EHyTamm77rjNFzw8rw==
date: Thu, 19 Sep 2024 18:44:01 GMT
content-type: application/json
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C1

GET
H2 200 adthrive.min.js Show response
ads.adthrive.com/builds/core/fdd08cf/es2018/js/ 1 MB
351 KB 49ms
49ms Script
application/javascript 13.224.189.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.js?referrer=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-98.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 02ade0e04bd20898b23ec3c771c2fda677e4c404a4a3a98e505e1924b5c39aa3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: max-age=3600, s-maxage=86400
content-encoding: gzip
age: 8053
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 359135
x-amz-cf-id: 00R0QpRRt534Wi8oNayQmExfgqdHE0ku6OKmLbOXTJLahJKV9RSsVA==
date: Thu, 19 Sep 2024 16:36:38 GMT
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
server: CloudFront

POST
H2 200 8c5bc3830c9fd291 Show response
www.mysavings.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7FF7 0
886 B 36ms
27ms XHR
text/plain 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/cdn-cgi/challenge-platform/h/g/jsd/r/8c5bc3830c9fd291
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8c5bc388594bd291-FRA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXVSSWRWw%2BoLZO%2FJrMn9j7Tsl14ssE2y3l46GNleqvuYtZIaUQc%2Fsqhlk4PhVekYbtFtPzvLHeE6YCHoH1elYuaxVsK4dZXodGTB%2B0PnSYz%2B4%2BDIH1eRi%2BMuAsRnaY%2FPHCEQ%2BRL4q4ppcOCGPQkO"}],"group":"cf-nel","max_age":604800}

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 116ms
115ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=6u8FrQjnx&w=4595228597026816&o=5698917485248512&cv=2.1.55-1-g5201404&widget=false&checksum=62f3f69a&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&sid=rHqLxQfK&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5698917485248512&upapi=true&domain=mysavings.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:50:51 GMT
vary: Origin

GET
H2 200 bV8xLndfOTg5Nzgucl9HRFBSLmxfZW4uZF8zNDc0Mi54XzgxLnYucC50XzM0NzQyLnh0XzE2.js Show response
cdn.consentmanager.net/delivery/customdata/ 115 KB
27 KB 12ms
12ms Script
text/javascript 2a02:6ea0:c700::101
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfOTg5Nzgucl9HRFBSLmxfZW4uZF8zNDc0Mi54XzgxLnYucC50XzM0NzQyLnh0XzE2.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=cf7510ba3149d&h=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&&__cmpfcc=1&l=en&ls=EN_EN_DE&lp=EN_FR&o=1726771851434

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3cec3efc7d33f7fa38e760f241c3a3a962ace6bad91fa976c88e9bdbe47c4d9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
x-77-cache: HIT
expires: Thu, 19 Sep 2024 18:54:32 GMT
x-cache: HIT
x-age: 1572
date: Thu, 19 Sep 2024 18:50:51 GMT
edge-control: public, max-age=1800
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-77-nzt-ray: 0d1fa518ce0b6cbc8b72ec66b4e8b725
last-modified: Thu, 19 Sep 2024 18:24:32 GMT
x-77-nzt: EgwBJRPCTwH3JAYAAAwBnJIhHwG3BwAAAA
cache-control: public, max-age=1800
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1726770272
x-xss-protection: 0
x-77-age: 1572
x-accel-date: 1726770279
server: CDN77-Turbo
x-accel-expires: @1726772072

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 147 KB
53 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab789e8c6ac5fe9081c27dcb65f11f5df74d2d68730bb48ffd96ac2328fdf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "1393514037034236726"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 15ms
15ms Image
image/png 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css

Response headers

age: 196643
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 12:13:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 12:13:28 GMT
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 1018
x-xss-protection: 0
server: sffe

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 2 KB
2 KB 15ms
14ms Image
image/png 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

sffe /

Resource Hash

6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

age: 445915
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Sun, 14 Sep 2025 14:58:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Sep 2024 14:58:56 GMT
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 1556
x-xss-protection: 0
server: sffe

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 69ms
12ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:50:51 GMT
cross-origin-resource-policy: cross-origin

GET
H2 200 config Show response
raptive-auth.cloud.optable.co/s-5613da4c5ed284b838a5d9d7/ 515 B
736 B 151ms
100ms Fetch
application/json 34.149.155.241
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://raptive-auth.cloud.optable.co/s-5613da4c5ed284b838a5d9d7/config?cookies=no&passport=&osdk=web-v0.19.1
Requested by: Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 914f1b518a071d40c4d872a8591b1d58cfdcd1bbed601d623447df76a9c203a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://www.mysavings.com/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.mysavings.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 515
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 config Show response
raptive-tests.cloud.optable.co/default/ 389 B
610 B 146ms
101ms Fetch
application/json 34.149.155.241
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://raptive-tests.cloud.optable.co/default/config?cookies=no&passport=&osdk=web-v0.19.1
Requested by: Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash: b6fd6ec3cc006b8406eb6b3bd804e04233bee760b6883a0e2b4c2cebbb176e85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://www.mysavings.com/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.mysavings.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 config Show response
raptive-auth.cloud.optable.co/s-5613da4c5ed284b838a5d9d7/ 515 B
603 B 253ms
102ms Fetch
application/json 34.149.155.241
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://raptive-auth.cloud.optable.co/s-5613da4c5ed284b838a5d9d7/config?cookies=no&passport=&osdk=web-v0.19.1
Requested by: Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash: cbb2f445ff5ae07c7f40e2e524ed24fb659c86c2845911718023bdd8c724c2af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://www.mysavings.com/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.mysavings.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 515
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 50ms
10ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 45454
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: mHZ8ZQDPUaQEEP9e9-jA4Ey5je0Mfaf8B2kwP9a_RqaMm5_d9-vZLA==
date: Thu, 19 Sep 2024 06:13:18 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/ 479 KB
149 KB 16ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

77879f54400e07c9d73fefd1e1e06fd736e7dbeffea7669790620753125671ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: br
etag: 10756395476737303338
age: 19823
x-content-type-options: nosniff
expires: Fri, 19 Sep 2025 13:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 19 Sep 2024 13:20:28 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152737
x-xss-protection: 0
server: cafe

GET
H2 200 i.html
ads.adthrive.com/builds/core/fdd08cf/html/ Frame 4544 0
0 32ms
8ms Document
text/html 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/fdd08cf/html/i.html
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-89.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 879
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Thu, 19 Sep 2024 18:36:14 GMT
etag: W/"ed29d5d2480bc70dad827cd713b88a60"
last-modified: Thu, 19 Sep 2024 15:41:22 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id: v29GPxXRAnFyRYg5pBrWs-3E8yAE5kbB8vfLF2ZNjwHHsfdRiRIgag==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 6a0OYPI90t8WpHqJiZYdh3NKprjnaCAm
x-cache: Hit from cloudfront

GET
H/1.1 200
OK /
c.delivery.consentmanager.net/delivery/info/ 43 B
404 B 89ms
21ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.delivery.consentmanager.net/delivery/info/?id=98978&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&o=1726771851864&l=EN&lv=103409&d=1&ct=14&e=&e2=&e3=&i=&sv=16&dv=81&

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Thu, 19 Sep 2024 18:50:51 GMT
edge-control: no-store, no-cache, must-revalidate
last-modified: Thu, 19 Sep 2024 18:50:51 GMT
x-xss-protection: 0
content-type: image/gif

GET
H/1.1 200
OK /
c.delivery.consentmanager.net/delivery/info/ 43 B
404 B 93ms
26ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.delivery.consentmanager.net/delivery/info/?id=98978&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&o=1726771851865&l=EN&lv=103409&d=1&ct=14&e=&e2=&e3=&i=&sv=16&dv=81&

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Thu, 19 Sep 2024 18:50:51 GMT
edge-control: no-store, no-cache, must-revalidate
last-modified: Thu, 19 Sep 2024 18:50:51 GMT
x-xss-protection: 0
content-type: image/gif

GET
H2 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
815 B 8ms
8ms Image
image/gif 2a02:6ea0:c700::101
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

etag: "180-5c4c0aa828a40"
x-77-cache: HIT
expires: Sat, 26 Jul 2025 12:21:55 GMT
x-cache: HIT
x-age: 4774569
date: Thu, 19 Sep 2024 18:50:51 GMT
edge-control: max-age=2592000
content-type: image/gif
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
x-77-nzt-ray: 0d1fa518ce0b6cbc8b72ec6661d3d835
x-77-nzt: EgwBJRPCTwHXqdpIAAwB1GY4EQH3/wIAAA
cache-control: max-age=31536000
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 384
x-accel-date-max: 1721997282
x-77-age: 4774569
x-accel-date: 1721997282
server: CDN77-Turbo
x-accel-expires: @1753532515

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 192 B
553 B 46ms
14ms Script
text/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-126.fra60.r.cloudfront.net

Software

Resource Hash

f8a60c9a6eec316a41a29f63afe3ae2b552c8ab2867ee717f514620c65255cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=900
etag: b5f4f54d0384764db623b7f4ec798e41
age: 19
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
apigw-requestid: eXbS5iasoAMEPgg=
x-cache: Hit from cloudfront
content-length: 192
x-amz-cf-id: zv2WjrfU1N0q3mUCjovoafT8KGE0TJ67IucdEKnJsfkbtcUzBOlXgg==
date: Thu, 19 Sep 2024 18:50:32 GMT
content-type: text/javascript
x-amz-cf-pop: FRA60-P1

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
744 B 58ms
9ms Image
image/svg+xml 2600:9000:2156:7800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

etag: "c6e9be45643e197ce1db1d7e24a99adc"
age: 2016099
x-cache: Hit from cloudfront
x-amz-cf-id: A2FJ4W1pL63bkbBAK5a9p6-dY1hn7CKPd0k8fIYTySWfDELqe70RFg==
date: Tue, 27 Aug 2024 10:49:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 301
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
786 B 58ms
10ms Image
image/svg+xml 2600:9000:2156:7800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

etag: "5977437466e857c7ddcadda6f6d88c2a"
age: 1411647
x-cache: Hit from cloudfront
x-amz-cf-id: JXhqezZ-hohOTm_n-CyY-u2DLpkNWtKNVMtKCISsLX2x46eyPy90cw==
date: Tue, 03 Sep 2024 10:43:26 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 343
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
780 B 59ms
10ms Image
image/svg+xml 2600:9000:2156:7800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
etag: "2deb3d5121d475d195577a70b0a91a0c"
age: 168
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 368
x-amz-cf-id: p3GGuzVLZZpcJrWYMdLC-FmDlj4vq_F41yCjIpeMrttFHhJCDnSlKw==
date: Thu, 19 Sep 2024 18:48:05 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
957 B 58ms
10ms Image
image/svg+xml 2600:9000:2156:7800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

etag: "deecdaa377907db5cc1722fc831670a1"
age: 1878176
x-cache: Hit from cloudfront
x-amz-cf-id: hZhhzK3g2_avkTfPWEuqMnYTbxoLu1vY2spBdSwR2VDbIhV-gSXSCQ==
date: Thu, 29 Aug 2024 01:07:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=2592000
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 514
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 join
ads.optable.co/ca/paapi/v1/dsp/ig/ Frame 5C5A 0
0 331ms
129ms Document
text/html 107.178.250.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.optable.co/ca/paapi/v1/dsp/ig/join?origin=7cb96ce5-1dbe-4b86-8a6f-e2692575c095&vid=v%3A6SD6KUOK1Ymo9RcePFMlaV

Requested by

Host: raptive.solutions.cdn.optable.co
URL: https://raptive.solutions.cdn.optable.co/public-assets/raptive-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.250.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.250.178.107.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://localhost https://.adthrive.com https://adthrive.com https://.mysavings.com https://mysavings.com

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

ad-auction-allowed: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1058
content-security-policy: frame-ancestors https://localhost https://*.adthrive.com https://adthrive.com https://*.mysavings.com https://mysavings.com
content-type: text/html; charset=utf-8
date: Thu, 19 Sep 2024 18:50:52 GMT
via: 1.1 google, 1.1 google

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 194ms
194ms Stylesheet
text/css 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
age: 1071
via: 1.1 google
cf-ray: 8c5bc38c3dd0d22b-FRA
expires: Sat, 19 Oct 2024 18:50:52 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 YxnLGTq6 Show response
cdn.jwplayer.com/v2/playlists/ 5 KB
1 KB 56ms
10ms Fetch
application/json 2600:9000:225e:5200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/YxnLGTq6?max_resolution=1280
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: aae688be7ca4e3450b3934cef3d265c5ef00edd05b907b7c63a136bd8b07eef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
content-encoding: gzip
age: 43
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
expires: Thu, 19 Sep 2024 18:53:09
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1100
x-amz-cf-id: fK8GK8667TXC0XMHDyx40qFQe_1lXzt9fkltQ5SC8RQ5o9gIi8QN8w==
date: Thu, 19 Sep 2024 18:50:09 GMT
content-type: application/json; charset=utf-8
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 join_ig
gpsb-reims.criteo.com/paapi/ Frame CBB7 0
0 161ms
19ms Document
text/html 35.214.163.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gpsb-reims.criteo.com/paapi/join_ig?advertiser_id=500002_500329&ig_name=r6NnpiEx
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.163.35 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 35.163.214.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 2503
content-type: text/html; charset=UTF-8
date: Thu, 19 Sep 2024 18:50:52 GMT
join-ad-interest-group: *
supports-loading-mode: fenced-frame
via: 1.1 google

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035453/beacon.js
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js

10 KB
4 KB

9ms
9ms

Script
application/javascript

18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68eaee1dfb1182af9bbb1cd60df98aceb32c2de546d8afe7f6480ac94679b350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"380203da1313f445d8bc395ba3b88bad"
age: 71178
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: y99DW1GxhpfJ-sPjwMZZpaNCgmnWjZhnAybM3DJsZxd4M9Pfp9dXmQ==
date: Wed, 18 Sep 2024 23:04:35 GMT
content-type: application/javascript
last-modified: Wed, 14 Aug 2024 15:02:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/6035453/beacon.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: vOGPFosg0ZLufvp0nV3HPNIn2gQzAWqIbua1KK6biVPg48nSYiMZMg==
date: Thu, 19 Sep 2024 18:50:52 GMT
x-amz-cf-pop: FRA56-P11

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 339 KB
66 KB 61ms
22ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9902f43839f3c0a824bf83dedaf13c4ef991c935bc47746e4c8136bae0abfea7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "43774cab4da7944c3c2e9d5c6100c0fd"
age: 314
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript
last-modified: Thu, 19 Sep 2024 18:35:44 GMT
vary: Accept-Encoding
x-amz-id-2: N5lWVNpSYxtzH/PcgFp6NIHgfrHROmAqxl4L2rpuxRY3+TFeeJBKPxDZiY2ZKPwCp9kORRhusCISpy5VEzjTK0LpWgwXLctS
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: MDTN5XCQZ2M9XTVV
cf-ray: 8c5bc38cddb871c4-FRA
accept-ranges: bytes
content-length: 66959
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 46J7Jm9U Show response
cdn.jwplayer.com/v2/media/ 3 KB
1 KB 185ms
182ms XHR
application/json 2600:9000:225e:5200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/46J7Jm9U
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/gdpr/vendor/prebid/es2018/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f7d23811915778cdc3d917c415c23a23d985599ffd7a1eebbb1db6a83197d41f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
content-encoding: gzip
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
expires: Thu, 19 Sep 2024 18:53:52
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 865
x-amz-cf-id: InuCyXu0r0vM_j_PGHY3dK1zp4y16PdTWkRY3tQnBsLZdm1BKfre-A==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: application/json; charset=utf-8
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 0VAL57HQ.js Show response
content.jwplatform.com/libraries/ 117 KB
43 KB 176ms
143ms Script
text/javascript 2600:9000:225e:8400:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 17babe64e14fa4cb24b02e836b34ecaee60d02cb317f9a2240a6a814bbe2a92c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 43913
x-amz-cf-id: gbO_yoGOOpGRMix-MEe3mJkB9KuKVjB6gb4Kkb_iuagtcfBznHhUtQ==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 ads.min.css
ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ 1 KB
723 B 11ms
11ms Stylesheet
text/css 13.224.189.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5613da4c5ed284b838a5d9d7/ads.min.css
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-98.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: ee933c90dffeda9cfb245b16c1b14ce0f5bcf36ed715b99f959372ebaa044d0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: max-age=3600, s-maxage=86400
content-encoding: gzip
age: 6162
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2nT7Fn0N19pSPThYIbTj8pB78vDp-9IibbAGJdx02q0gwB6gtRg4Lg==
date: Thu, 19 Sep 2024 17:08:10 GMT
content-type: text/css
vary: Accept-Encoding
server: CloudFront
x-amz-cf-pop: FRA2-C1

GET
H2 200 4fbba76f-7987-4fa2-9733-c27eb3a2170b Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 37ms
8ms Script
application/javascript 18.245.31.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-123.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: max-age=3600
age: 71
via: 1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: sBL7PXRCip8gQNWfyXQhl89rbRNaQ2PhQZslLv5jpxLBt53o5BuRAA==
date: Thu, 19 Sep 2024 18:49:41 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1726771852295&aid=a-07fd&se=e30&duid=2726cbe08aed--01j85sywvemdkd3cps3k7tjd18&tv=v3.1.0&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscr...
https://rp4.liadm.com/j?dtstmp=1726771852295&aid=a-07fd&se=e30&duid=2726cbe08aed--01j85sywvemdkd3cps3k7tjd18&tv=v3.1.0&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunsc...

13 B
348 B

320ms
101ms

XHR
application/json

3.210.137.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1726771852295&aid=a-07fd&se=e30&duid=2726cbe08aed--01j85sywvemdkd3cps3k7tjd18&tv=v3.1.0&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&us_privacy=1---&wpn=lc-bundle&wpv=v3.1.0&cd=.mysavings.com&c=PHRpdGxlPkZyZWUgRnVsbC1TaXplIGUubC5mLiBJbnZpc2libGUgU3Vuc2NyZWVuIFNQRiAzNSAtIEZyZWUgU2FtcGxlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkdldCBhIEZSRUUgZnVsbC1zaXplIGUubC5mLiBzdW5zY3JlZW4hIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubXlzYXZpbmdzLmNvbS9mcmVlLXNhbXBsZXMvc29jaWFsLWVsZi1pbnZpc2libGUtc3Vuc2NyZWVuLXNwZi8xODU2NTIvIj48dGl0bGU-c2VhcmNoPC90aXRsZT48aDE-PHN0cm9uZz5GcmVlIEZ1bGwtU2l6ZSBlLmwuZi4gSW52aXNpYmxlIFN1bnNjcmVlbiBTUEYgMzUhPC9zdHJvbmc-PC9oMT4&i6=MmEwMDpjOTg6MmYwMDoyMDphOjo2&n3pc=true
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 3.210.137.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-137-246.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-pixel-event-id: 7e8b6087-99bb-471d-8f38-68ff40958459
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: null
content-length: 13
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: application/json

Redirect headers

access-control-allow-origin: https://www.mysavings.com
location: https://rp4.liadm.com/j?dtstmp=1726771852295&aid=a-07fd&se=e30&duid=2726cbe08aed--01j85sywvemdkd3cps3k7tjd18&tv=v3.1.0&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&us_privacy=1---&wpn=lc-bundle&wpv=v3.1.0&cd=.mysavings.com&c=PHRpdGxlPkZyZWUgRnVsbC1TaXplIGUubC5mLiBJbnZpc2libGUgU3Vuc2NyZWVuIFNQRiAzNSAtIEZyZWUgU2FtcGxlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkdldCBhIEZSRUUgZnVsbC1zaXplIGUubC5mLiBzdW5zY3JlZW4hIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cubXlzYXZpbmdzLmNvbS9mcmVlLXNhbXBsZXMvc29jaWFsLWVsZi1pbnZpc2libGUtc3Vuc2NyZWVuLXNwZi8xODU2NTIvIj48dGl0bGU-c2VhcmNoPC90aXRsZT48aDE-PHN0cm9uZz5GcmVlIEZ1bGwtU2l6ZSBlLmwuZi4gSW52aXNpYmxlIFN1bnNjcmVlbiBTUEYgMzUhPC9zdHJvbmc-PC9oMT4&i6=MmEwMDpjOTg6MmYwMDoyMDphOjo2&n3pc=true
content-length: 0
access-control-expose-headers: *
date: Thu, 19 Sep 2024 18:50:52 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
418 B 97ms
39ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pid=GDyoRah9q0IS6&cb=0&ws=1600x1200&v=24.819.1704&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5613da4c5ed284b838a5d9d7%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A92%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5613da4c5ed284b838a5d9d7%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.mysavings.com
x-cache: Miss from cloudfront
content-length: 84
x-amz-cf-id: 84D4ZlYj_NDCeYplrbxGrKLE9RYX38xf-vkgIAKv4jFh5GUft7T9hg==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P11
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
418 B 92ms
44ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pid=GDyoRah9q0IS6&cb=1&ws=1600x1200&v=24.819.1704&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Header_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x250%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Header_1%2F5613da4c5ed284b838a5d9d7%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A31%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5613da4c5ed284b838a5d9d7%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.mysavings.com
x-cache: Miss from cloudfront
content-length: 84
x-amz-cf-id: fI8A9iR39VTjDGx3mmkk-Yj_C0988KWjH5NwQEVBSRq7Gd8xlL0Giw==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P11
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
418 B 78ms
39ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pid=GDyoRah9q0IS6&cb=2&ws=1600x1200&v=24.819.1704&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A69%2C%22id%22%3A%22AdThrive_Video_StickyOutstream_1_desktop%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5613da4c5ed284b838a5d9d7%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.mysavings.com
x-cache: Miss from cloudfront
content-length: 84
x-amz-cf-id: mYXVjPeliheN83jrL714ZyoXWFuYIdE8OIiWfTrIIoZy4jLLgeJraw==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P11
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
418 B 77ms
46ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pid=GDyoRah9q0IS6&cb=3&ws=1600x1200&v=24.819.1704&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_1%2F5613da4c5ed284b838a5d9d7%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5613da4c5ed284b838a5d9d7%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.mysavings.com
x-cache: Miss from cloudfront
content-length: 84
x-amz-cf-id: X6aB5KDdzwGP7oHy2UmgrCNLOXKjaTua8da1bh3xlHIkWRwWnXQIZQ==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P11
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
417 B 62ms
47ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pid=GDyoRah9q0IS6&cb=4&ws=1600x1200&v=24.819.1704&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F5613da4c5ed284b838a5d9d7%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A8%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5613da4c5ed284b838a5d9d7%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.mysavings.com
x-cache: Miss from cloudfront
content-length: 84
x-amz-cf-id: cWYR5SbF-W60Ww62B-uc8NpkR3y_LL03D6g89abYbnDRZUUTTZ8QqQ==
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P11
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
417 B 44ms
43ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pid=GDyoRah9q0IS6&cb=5&ws=1600x1200&v=24.819.1704&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22320x50%22%2C%22160x600%22%2C%22300x1050%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%221x1%22%2C%22300x420%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F5613da4c5ed284b838a5d9d7%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A48%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5613da4c5ed284b838a5d9d7%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.mysavings.com
x-cache: Miss from cloudfront
content-length: 84
x-amz-cf-id: m7Jbas_fySDTkkfFxsS2cGjYSoaOyPde4GjiDhuF0HCwJORO904BXA==
date: Thu, 19 Sep 2024 18:50:51 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA56-P11
server: Server

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 300 KB
107 KB 28ms
28ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3d93a0af15b12fc9dbbc93edd96a2b7f"
age: 2043847
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Feb 2024 15:11:18 GMT
vary: Accept-Encoding
x-amz-id-2: uxpZPsRRctRQYZd1Y2QElQoLaK6Id6TeQkcMZ2EvY5yX+vdWWvwvTTfCXxJfMyAwheMtcUxzu+c=
cache-control: public, max-age=31536000
x-amz-request-id: CPJJBYTS41FJX5FW
cf-ray: 8c5bc38d6e8271c4-FRA
accept-ranges: bytes
content-length: 109265
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/976a0084-4a39-40d6-9e7d-b2f700c17d45/ 176 B
757 B 74ms
64ms Fetch
application/json 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/976a0084-4a39-40d6-9e7d-b2f700c17d45/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c872d00dbdb6dc59630491808b83fe3deb0caf13b179e6132203042a6f9c680

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-request-id: 5379003e-cb30-4bb1-bde7-6a89bbd38754
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"9c872d00dbdb6dc59630491808b83fe3"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.016677
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8c5bc38d9dfa1997-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 video_info Show response
context.iris.tv/ 539 B
885 B 67ms
16ms Fetch
application/json 13.32.121.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=5d8f38ad6d7de4253cfa501b84c30b1014868d9884be5d68dc64bd50a6edb54c&client_token=EXJQESR8SMWMZCJ&platform_id=46J7Jm9U
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/fdd08cf/es2018/js/adthrive.min.js?deployment=2024-09-19-01:ade-1665:pr5322:fdd08cf:4&bucket=flex-69&deliveryFeatures=amazonBetaApstag,consentManagerCMP,raptiveFloors,raptiveManualCookieSync,recencyFrequency,reissuingSticky,stickyBucketsLocalStorage,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad,ttdSync,optableLoad&siteid=5613da4c5ed284b838a5d9d7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-58.fra60.r.cloudfront.net
Software: Zer01ne /
Resource Hash: 448b01fef2db422e0dcd2ff40c4a444b5ae89e9d3376f024aa14b462b7d84dc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, follow
cache-control: max-age=86400, stale-while-revalidate=600, stale-if-error=600
age: 32281
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: pDP76JyURsboHAmXC27sp7x7wViO3u5_ZqICDTfkQUuJ6dXC6aADdg==
date: Thu, 19 Sep 2024 09:52:51 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P1
server: Zer01ne

GET
H3 200 acc23091-a99e-49ab-b746-bc0fc9902635.png
img.onesignal.com/t/ 31 KB
32 KB 83ms
44ms Image
application/octet-stream 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/t/acc23091-a99e-49ab-b746-bc0fc9902635.png

Requested by

Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43a9f5c80bda92c64fc65994b2e90b1e3fc9b7421ae1660283908ee9d7f50c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=6lLCLg==, md5=FcHp7WrMLTKfLjjzR0ycGQ==
cf-cache-status: HIT
etag: "-CPXhxtH2k/0CEAE="
age: 411
x-goog-stored-content-encoding: identity
expires: Sun, 20 Oct 2024 18:50:52 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 31578
x-goog-meta-cache-control: public, maxage=604800
date: Thu, 19 Sep 2024 18:50:52 GMT
x-goog-meta-x-goog-source-etag: "15c1e9ed6acc2d329f2e38f3474c9c19"
content-type: application/octet-stream
last-modified: Tue, 14 Feb 2023 02:06:42 GMT
vary: Origin, Accept-Encoding
x-guploader-uploadid: AD-8ljsqTMPPVA6gHsk1cqIxqG2XNhP1UzpKAmekjb_QUGbUBGb_uqzyURfffl0araDZ1u5OXn6fazpzug
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2678400
pragma: no-cache
x-goog-storage-class: STANDARD
cf-ray: 8c5bc38e8c39a043-FRA
x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
accept-ranges: bytes
x-goog-generation: 1676340402172149
content-length: 31578
server: cloudflare

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/v/8.30.0/ 74 KB
22 KB 153ms
69ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.0/googima.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79317f11dcdac37b3a021fd1e7a44aba3d372832c7aa1f6675178ac1d5e6cd48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "a88261d323c729e1484aaf704131e34f"
age: 46885
x-cache: HIT
date: Thu, 19 Sep 2024 18:50:52 GMT
last-modified: Mon, 23 Oct 2023 15:56:32 GMT
vary: Accept-Encoding
x-cache-hits: 444
content-type: application/javascript
x-served-by: cache-mad2200113-MAD
cache-control: max-age=86400, immutable
x-timer: S1726771853.694346,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22441
server: AmazonS3

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.30.0/ 66 KB
20 KB 117ms
34ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.0/jwpsrv.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780218bda13c8a2362d45ebec297989e456e2511e83aa574c1deeee9df6127fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "1ce002c93317733cda35dcef121db9b4"
age: 697
x-cache: HIT
date: Thu, 19 Sep 2024 18:50:52 GMT
last-modified: Wed, 14 Aug 2024 15:49:58 GMT
vary: Accept-Encoding
x-cache-hits: 14
content-type: application/javascript
x-served-by: cache-mad2200113-MAD
cache-control: max-age=900, immutable
x-timer: S1726771853.693992,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19880
server: AmazonS3

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.30.0/ 318 KB
83 KB 123ms
41ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.0/jwplayer.core.controls.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b8419f63bb4186ae86a73a201c75de3a4bbbcc1c2b7910443b02261a4b29174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "f71a099576f74e3ec9b82257622dea2c"
age: 3855222
x-cache: HIT
date: Thu, 19 Sep 2024 18:50:52 GMT
last-modified: Mon, 23 Oct 2023 15:56:26 GMT
vary: Accept-Encoding
x-cache-hits: 12754
content-type: application/javascript
x-served-by: cache-mad2200113-MAD
cache-control: max-age=31536000, immutable
x-timer: S1726771853.694281,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 85289
server: AmazonS3

GET
H2 200 46J7Jm9U Show response
cdn.jwplayer.com/v2/media/ 3 KB
1 KB 159ms
159ms XHR
application/json 2600:9000:225e:5200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/46J7Jm9U?max_resolution=1280&page_domain=www.mysavings.com
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 625cd6361645d20543cf19bdd8c4b23531b6b66fb21fb047b21c48ec7601e0e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
content-encoding: gzip
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
expires: Thu, 19 Sep 2024 18:53:52
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 881
x-amz-cf-id: hbesxFOL41P3l1CUj9EQJvm6eRvA_NIxccsJKQULGx_AKnqsjCQ2kw==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: application/json; charset=utf-8
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.30.0/ 413 KB
123 KB 33ms
33ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.0/provider.hlsjs.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ee7830c5b6fcf588dd338e19cc0f305f8f2fd07d6189f09aa70748023d1ca08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "ac8db5646766d8df3efbd6f48ef054bc"
age: 3080953
x-cache: HIT
date: Thu, 19 Sep 2024 18:50:52 GMT
last-modified: Mon, 23 Oct 2023 15:56:29 GMT
vary: Accept-Encoding
x-cache-hits: 8314
content-type: application/javascript
x-served-by: cache-mad2200113-MAD
cache-control: max-age=31536000, immutable
x-timer: S1726771853.774776,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126154
server: AmazonS3

GET
H2 200 ed0OhOcGEeqE1D573nu30A.json Show response
entitlements.jwplayer.com/ 70 B
406 B 66ms
10ms XHR
application/json 108.138.26.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/ed0OhOcGEeqE1D573nu30A.json
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: max-age=1800, s-maxage=19020
content-encoding: gzip
age: 9441
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: YkeIZJ4fCdYFnKkwLm3P9Lpag6a7qAcAWReqHK8SB6FHRBSdWDXNJg==
date: Thu, 19 Sep 2024 16:13:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: FRA56-P7

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 422 KB
145 KB 79ms
24ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd620a4c8eb6e2635f0a7dfffa81c68e87e7cdee9bb4ee267578da7c2b2bda9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:52 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147746
date: Thu, 19 Sep 2024 18:50:52 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2

200

46J7Jm9U-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/46J7Jm9U-120.vtt
https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt

2 KB
684 B

126ms
35ms

XHR
text/vtt

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 493a68a0662400c06563870103bfe6cf488652cdb04494e56e734898e335ed45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "f53c36da13e387e2303f44973e8507d8"
age: 169
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:53 GMT
last-modified: Fri, 04 Jun 2021 20:46:32 GMT
content-type: text/vtt
x-served-by: cache-iad-kjyo7100145-IAD, cache-mad22039-MAD
x-cache-hits: 56950, 1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=300
x-timer: S1726771853.133614,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 307
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
location: https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 166
x-amz-cf-id: vPttBYVNkKc8ZuEnE1OkhfUzdrcz-DzjunPyv8Rao1nb8snaxh3F5Q==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/html
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.30.0/ 103 KB
25 KB 35ms
34ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.30.0/related.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/0VAL57HQ.js?version_override=8.30.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 250553fd5318233a8fae063430ebde889cca2c4193d7b0e688b80578f9a98ba2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "eef5502a106c89d71de48accd0ea2e74"
age: 2995857
x-cache: HIT
date: Thu, 19 Sep 2024 18:50:52 GMT
last-modified: Mon, 23 Oct 2023 15:56:31 GMT
vary: Accept-Encoding
x-cache-hits: 9318
content-type: application/javascript
x-served-by: cache-mad2200113-MAD
cache-control: max-age=31536000, immutable
x-timer: S1726771853.889201,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25137
server: AmazonS3

GET 46J7Jm9U.m3u8
cdn.jwplayer.com/manifests/ 0
0

GET
H2

200

bxo3jny2-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/46J7Jm9U/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-720.jpg

59 KB
56 KB

51ms
44ms

Image
image/jpeg

2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-720.jpg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87ecf2dff2703a7df135a58bc79054db7f75acefcaa51ec139724f353f7615eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "671995e2ecd2052ea9202cddbc54fccd"
age: 70
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:53 GMT
last-modified: Fri, 04 Jun 2021 20:47:14 GMT
content-type: image/jpeg
x-served-by: cache-iad-kjyo7100083-IAD, cache-mad2200113-MAD
x-cache-hits: 19853, 1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1726771853.048928,VS0,VE2
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57400
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
location: https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-720.jpg
access-control-allow-methods: GET
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: vPO7nwSLDqfOP7owClG3PU8k4yNLn2zUOhvagHXNP13QawRPx8Skmw==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P4
server: openresty
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language

GET
H2

200

bxo3jny2-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/46J7Jm9U/poster.jpg?width=640
https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-640.jpg

52 KB
49 KB

146ms
140ms

Image
image/jpeg

2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-640.jpg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3749e2e14699b96a00b8b63d470284ae35c438f63e7e90088534b763d735b378

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "fff06a5ec27ca8c4ea6954eb2ea5aaa9"
age: 179
x-cache: HIT, MISS
date: Thu, 19 Sep 2024 18:50:53 GMT
last-modified: Fri, 04 Jun 2021 20:47:15 GMT
content-type: image/jpeg
x-served-by: cache-iad-kjyo7100087-IAD, cache-mad2200113-MAD
x-cache-hits: 7348, 0
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1726771853.048756,VS0,VE107
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50437
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
location: https://assets-jpcust.jwpsrv.com/thumbnails/bxo3jny2-640.jpg
access-control-allow-methods: GET
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 04Sv4VYarvHgKurV2NFS9nIJPO9maMSPSLpIt7-2wux_roQAdVTCOg==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P4
server: openresty
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language

GET
H2

200

46J7Jm9U-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/46J7Jm9U-120.vtt
https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt

2 KB
0

127ms
127ms

XHR
text/vtt

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 493a68a0662400c06563870103bfe6cf488652cdb04494e56e734898e335ed45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "f53c36da13e387e2303f44973e8507d8"
age: 169
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:53 GMT
last-modified: Fri, 04 Jun 2021 20:46:32 GMT
content-type: text/vtt
x-served-by: cache-iad-kjyo7100145-IAD, cache-mad22039-MAD
x-cache-hits: 56950, 1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=300
x-timer: S1726771853.133614,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 307
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
location: https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.vtt
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 166
x-amz-cf-id: vPttBYVNkKc8ZuEnE1OkhfUzdrcz-DzjunPyv8Rao1nb8snaxh3F5Q==
date: Thu, 19 Sep 2024 18:50:52 GMT
content-type: text/html
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 243 B
111 B 50ms
22ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

87898f4646743fe337b451c9163c68a8e2cf61b75c0ceb8bdaf285b1cfccfa2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 86
date: Thu, 19 Sep 2024 18:50:53 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 bridge3.667.0_en.html
imasdk.googleapis.com/js/core/ Frame D947 0
0 48ms
15ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html?gdpr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 71194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 258070
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 23:04:19 GMT
expires: Thu, 18 Sep 2025 23:04:19 GMT
last-modified: Wed, 18 Sep 2024 15:31:51 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:53 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Thu, 19 Sep 2024 18:50:53 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 26B3 40 KB
14 KB 16ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 3478
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:52:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 17:52:55 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
H2

200

46J7Jm9U-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://cdn.jwplayer.com/strips/46J7Jm9U-120.jpg
https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.jpg

62 KB
57 KB

34ms
34ms

Image
image/jpeg

2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.jpg
Requested by: Host: www.mysavings.com
URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/
Protocol: H2
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c832be1bfb5540d907ef7482e962af0cdccf7726eb2e05b95522a88b4043e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "e3c2df3dec18bf8a6a5b8fa37d5fcb74"
age: 158
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:53 GMT
last-modified: Fri, 04 Jun 2021 20:46:32 GMT
content-type: image/jpeg
x-served-by: cache-iad-kcgs7200117-IAD, cache-mad2200113-MAD
x-cache-hits: 27101, 1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1726771853.293271,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58168
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
location: https://assets-jpcust.jwpsrv.com/strips/46J7Jm9U-120.jpg
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 166
x-amz-cf-id: 1PLqqdyrK7gzaN24GQ_1tkM9js4oGceIEQO9rE7dcTghejgJHZEB5w==
date: Thu, 19 Sep 2024 18:50:53 GMT
content-type: text/html
x-amz-cf-pop: FRA60-P4
server: openresty

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 62ms
32ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240916&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

11ad538b05ee320080166c51ffffb92d3174e72b6af521beba9a23e09b21895d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13007
date: Thu, 19 Sep 2024 18:50:53 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
202 B 342ms
281ms Image
text/plain 2600:9000:21f3:ba00:1b:6b7c:c940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1447056583&e=e&n=5543997534998506&abc=0&abt=128_sendDomainToFeedsOn&aid=ed0OhOcGEeqE1D573nu30A&amp=0&ask=DmULPHgQ&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=42bje71h4td1&i=0&id=46J7Jm9U&lid=1nwh1q51nbeu&lsa=read&mt=1&pbd=1&pbr=1&pgi=oubyxnfm80l9&ph=1&pid=0VAL57HQ&pii=0&pl=347&plc=1&pli=1yl69x5r91i5&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Free%20Full-Size%20e.l.f.%20Invisible%20Sunscreen%20SPF%2035%20-%20Free%20Samples&pu=https%3A%2F%2Fwww.mysavings.com%2Ffree-samples%2Fsocial-elf-invisible-sunscreen-spf%2F185652%2F&pv=8.30.0&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Learn%20How%20to%20Score%20Free%20Sample%20Boxes%20Part%201&tv=4.0.6&vb=0&vi=0&vl=90&wd=617&ab=1&cae=0&cb=0&cdid=46J7Jm9U_1&cme=0&dd=0&flc=0&fv=&ga=0&lng=en&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2F46J7Jm9U.m3u8%3Fmax_resolution%3D1280&pbc=0&pd=2&pdr=&plng=en&plt=3350&pni=0&po=0&pogt=Free%20Full-Size%20e.l.f.%20Invisible%20Sunscreen%20SPF%2035&rf=%2F%2Fcontent.jwplatform.com%2Fv2%2Fplaylists%2FMFjR5zDN%3Frelated_media_id%3DMEDIAID&sp=0&st=270&sa=1726771852874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

via: 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: W4VEKO7K_bo60JSe_FlPhH9j619TJZLgDcU-MGCO14qNImqN4cA-3w==
date: Thu, 19 Sep 2024 18:50:53 GMT
x-amz-cf-pop: FRA2-C2
server: nginx

GET
H2 200 favicon.ico
www.mysavings.com/ 15 KB
3 KB 19ms
18ms Other
image/x-icon 2606:4700:3108::ac42:28d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mysavings.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 84d66f031512c585f956ac391cf132ddbc40e4fd1b6c31dbf3d3338c803b84a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/

Response headers

cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"afe53f5ea49d41:0"
age: 44
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pbc4AQO5%2FqHV9%2F%2Fe0GqLnPUXQOj2%2FDDvgdpBA5hRHtTKETNw4rSbPdKaHDK3qKvBFv1sULMndhXxz3EwVzBh8FGVYHLg5KbCaWWigMZSVCFwUJo9ke4dx1VXvEzTUMi7nym3%2FZbOr8hex9yNjk91"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5bc3936b09d291-FRA
date: Thu, 19 Sep 2024 18:50:53 GMT
content-type: image/x-icon
last-modified: Tue, 11 Sep 2018 16:10:55 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "1637097310169751"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:50:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:50:53 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6386
x-xss-protection: 0
server: sffe

GET
H2

200

4sodmtqo-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/40wO5aRp/poster.jpg?width=120
https://assets-jpcust.jwpsrv.com/thumbnails/4sodmtqo-120.jpg

6 KB
6 KB

34ms
34ms

Image
image/jpeg

2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/4sodmtqo-120.jpg
Protocol: H2
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c9da7b95b1bf0ab0cef9f38b3d87ab55fdfddc3b92305b40464b3309c91e70c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mysavings.com/

Response headers

content-encoding: gzip
etag: "7e3d443778c3ab39dcc54c5d3ee9edec"
age: 541
x-cache: HIT, HIT
date: Thu, 19 Sep 2024 18:50:53 GMT
last-modified: Fri, 04 Jun 2021 20:47:07 GMT
content-type: image/jpeg
x-served-by: cache-iad-kcgs7200127-IAD, cache-mad2200113-MAD
x-cache-hits: 15542, 1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1726771854.575679,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5972
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
location: https://assets-jpcust.jwpsrv.com/thumbnails/4sodmtqo-120.jpg
access-control-allow-methods: GET
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: CORTiDAtSZUdWGLRh6XgvQl8mU5eA5U5BUQosmcoEwhMOU212f8gIA==
date: Thu, 19 Sep 2024 18:50:53 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P4
server: openresty
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C125 0
0 52ms
15ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mysavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 41838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 07:13:35 GMT
expires: Fri, 19 Sep 2025 07:13:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mysavings.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b

Domain: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/manifests/46J7Jm9U.m3u8?max_resolution=1280

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240916&jk=2844102113977785&bg=!5uWl5arNAAbpMHvgyTA7ADQBe5WfOG1BMua8Fh8suvMAo6DWaqamdv3jugsugENTxlHutO4jTXHdZhT5ev3dz31ysk98AgAAAFtSAAAABWgBB34ANhUaEM_bcgosUMnG_4NYrd-5RyX6lML07S7def1NY3xk14OAva_WQYbnVIVpHpw65Otiq6RxNpkCoVyd5AtEYrwVNiH8dpEfVbkro82JhB8hsRsvOEgikCop5g8tyZf5v3xJZw0SDaGuHzD6PhSIayPP81B7ddoc8aCxtQkrMQiHBC0_vMVZHtBLOcKPMqROd2NYSW3r7an-WRQnW8jbHnLdL660TBx1CWwVXQ_S-ari709_mfxkGApSbNqPMKJGZcmysVA3jJnFil7DVXfNojTc2LShsy0s-jsh8MXPySKf8W8dUEek25eSjxgBY9YcHNWsbCw7MQEe67vr7cBUX_GmIYbbucDjtoFExkCNVe-PeEL8nsh7Totk5-rF41FAuHjlB7gUCH97aYHkGsg3__6fO9ZXogBwDkIu92kE8kfC_uXoz8w19TaCAFVoJD00i0vC24tuOTM_q1c0mZZb2ZH7HVqZV3jCeRUE0xuXdI_oOhFGeGIdoLLSGeoeSdWF4mTJ8xReBfuFKt9wItcyjLj-T49QyyA5zJ6Q__4F5b42pJLDrXcWWCVD6Y1oWzkJtCklGrRxidZzFGVonm0gOHWdQILxpJkPUaLgnZUcCIKnGUS9x5auCGaatvpwHC9RfC4Wq_c9WrvE7JHSoDpP7WnLwpniErn9Yfw_JM3OMRlb1xeIQKokTJbaOpB-rtaj2S0gset3DsiErj35vn3lk8Q3BDzNh7Eh-pUnOEAQv9J-0ud7RQd61b4MFC1VgOMmUCd5szz5jcjywctVFc-NRKxX7TDwgdZ0kYImtX5sjholtOrQBKVqrwGUwJ5vOsbBKLrecF0ubSmLhVdksPTV__OPMWBGyeYitQK4sE8X8D8BnaxAMiSU_klpIR7CdMwIydPpYlmozVykTHwo1TcY3JXBwVnjUPVB89eXyn3KijC4EXTzfYo_wJRX4XyL9d4BuUh6aoINFiHkJD4

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 09:15:31	Name: lidid Value: 0741b599-192e-49df-a8ab-c71eabf63f05
www.mysavings.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSCSTCSRQ Value: DPBCLPMBHKPMNCMKGDLOEHHL
www.mysavings.com/	1970-01-21 00:22:43	Name: fdb%2Dclicked Value: 1
www.mysavings.com/	1970-01-21 09:15:31	Name: user%5Fguid Value: %7B5EC4BF2D%2DF2D6%2D4502%2D94CD%2DD7FFC9C9CFBC%7D
www.mysavings.com/	1970-01-21 09:15:31	Name: user%5Ftracking%5Fdt%5Fvisited%5Flast Value: 9%2F19%2F2024+2%3A50%3A50+PM
.onesignal.com/	1970-01-20 23:39:33	Name: __cf_bm Value: 2dMYQYxwPF42NkF4tHEWOyQFIFcIzTgYwHF.t6BY8F4-1726771851-1.0.1.1-sZvydzGDiiQ01V4Fd9Q98t1Bl_rznRKZfnTMaYhDyzY78bAmlwLs0fNq9E7J4HCARlFfnbmf3EJufT0Y9WUKzw
.mysavings.com/	1970-01-21 01:49:07	Name: _fbp Value: fb.1.1726771851269.895205540999571048
.mysavings.com/	1970-01-21 09:15:31	Name: _ga_51BWT046PC Value: GS1.1.1726771851.1.0.1726771851.60.0.0
.mysavings.com/	1970-01-21 09:15:31	Name: _ga Value: GA1.1.764802208.1726771851
.mysavings.com/	1970-01-21 08:25:07	Name: cf_clearance Value: IPXEwKOm8n1kqcXMhd6xrGYhnqaj0WIiQUNLHY1efmA-1726771851-1.2.1.1-jyZVSGNE3S91iltefg0I1P34M7mQdLajmq_m3.nd.7d2Ihiyab186ZkYoCymjPKURhHVzPMok4ec0hpVcNpGd9gKFjSCUq.pPVUGKLBgtigC3BzykkvH6MuKIS_yLQXqebjgrLy_uzAueAz8PowbhhdPDqjVdxq9EbKjut4nwbuUa79nZmIX9ev9sPWFkMMwwKU.h1uCtTFPXhs6xaRW4DhETiEk_TUgSf_fU536Lzv1CCoACsL6isxku8c8b4O_vma772Pi_J8hVxKMEitRRFZp57tcHGOfzgmfv33mHg097WiZiLeFujpPwgzezMHL_H2ANJO1CkepEznXZm5GJu9_onMk.lL0C1J9TdK5tpCPVYsCyyPzDTE23lzBt2tJ
.mysavings.com/	1970-01-20 23:59:41	Name: __cmpconsentx98978 Value: CQFMQXAQFMQXAAfPSBENBHFgAAAAAEPgAAigAAATpgZAAIAAWAA4ACoAFwAOAAeABAACQAGQANAAcAA8ACIAEcAJgAUgAqgBoAD0AH4AQgAjgBOADAAGUANEAcgA5wB3AD9gIOAhABFgCfgF1ANeAcQA6gB2wD2gH_ATEAocBUoC8wGSAMsAfIA_cCdIAAA.YAAACHwAAAA
.mysavings.com/	1970-01-20 23:59:41	Name: __cmpcccx98978 Value: aBQFPHl2AAAAAAA
.mysavings.com/	1970-01-21 03:58:43	Name: __eoi Value: ID=d02bf8602f1b342d:T=1726771851:RT=1726771851:S=AA-AfjY9y20E5YxjTuFtuqu71wOd
.mysavings.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .mysavings.com
.mysavings.com/	1970-01-21 09:15:31	Name: _lc2_fpi Value: 2726cbe08aed--01j85sywvemdkd3cps3k7tjd18
gpsb-reims.criteo.com/	1970-01-21 03:58:43	Name: Value: Partitioned
.liadm.com/	1970-01-21 09:15:31	Name: lidid Value: 0741b599-192e-49df-a8ab-c71eabf63f05

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.mysavings.com/fontawesome/webfonts/fa-brands-400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.mysavings.com/fontawesome/webfonts/fa-solid-900.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.mysavings.com/free-samples/social-elf-invisible-sunscreen-spf/185652/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mysavings.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b' from origin 'https://www.mysavings.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mysavings.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.adthrive.com
ads.optable.co
api.btloader.com
assets-jpcust.jwpsrv.com
b-code.liadm.com
b.delivery.consentmanager.net
btloader.com
buttons-config.sharethis.com
c.amazon-adsystem.com
c.aps.amazon-adsystem.com
c.delivery.consentmanager.net
cdn.ckeditor.com
cdn.confiant-integrations.net
cdn.consentmanager.net
cdn.jwplayer.com
cdn.onesignal.com
cdnjs.cloudflare.com
clients1.google.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
content.jwplatform.com
context.iris.tv
count-server.sharethis.com
cse.google.com
entitlements.jwplayer.com
gpsb-reims.criteo.com
imasdk.googleapis.com
img.onesignal.com
l.sharethis.com
litags.feedblitz.com
onesignal.com
p.feedblitz.com
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
prd.jwpltx.com
raptive-auth.cloud.optable.co
raptive-tests.cloud.optable.co
raptive.solutions.cdn.optable.co
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssl.p.jwpcdn.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.mysavings.com
c.amazon-adsystem.com
cdn.jwplayer.com
pagead2.googlesyndication.com
104.16.160.145
104.17.111.223
104.17.24.14
104.18.11.207
104.192.6.65
107.178.250.95
108.138.26.75
108.138.6.136
13.224.189.89
13.224.189.98
13.32.121.126
13.32.121.58
130.211.23.194
142.250.181.228
142.250.184.198
142.250.185.226
142.250.186.162
142.250.186.35
157.240.251.9
172.64.144.166
18.244.15.236
18.244.18.32
18.245.31.123
2001:4860:4802:32::36
2600:1f18:730:b130:aa51:265:7dd6:8fea
2600:9000:206f:8400:c:abe:f440:93a1
2600:9000:2156:7800:1d:85c3:6640:93a1
2600:9000:21f3:ba00:1b:6b7c:c940:93a1
2600:9000:223e:1600:f:20fd:b80:93a1
2600:9000:225e:5200:1:a3fa:7cc0:93a1
2600:9000:225e:8400:1:a3fa:7cc0:93a1
2600:9000:275d:1000:8:8845:1500:93a1
2606:4700:10::6816:4ad8
2606:4700:20::ac43:4513
2606:4700:3108::ac42:28d4
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9d
2a02:6ea0:c700::101
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42:600::626
2a04:4e42::626
3.160.150.115
3.161.82.127
3.210.137.246
34.117.62.22
34.149.155.241
35.157.71.119
35.214.163.35
74.208.8.75
87.230.98.76
87.230.98.78
003f11541856a649a6c8235c6266c8936224c5d609e51442da24dc5556d14fbf
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
02ade0e04bd20898b23ec3c771c2fda677e4c404a4a3a98e505e1924b5c39aa3
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09b8b4495d2a9fdb2abd2e27fa38b1ef1b0ad15beb03187b2bff4f6ce9f51513
0bd7770256acfac7f23a450205b21e65979922e65f10d562a008193bc01f1637
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
11ad538b05ee320080166c51ffffb92d3174e72b6af521beba9a23e09b21895d
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
17babe64e14fa4cb24b02e836b34ecaee60d02cb317f9a2240a6a814bbe2a92c
250553fd5318233a8fae063430ebde889cca2c4193d7b0e688b80578f9a98ba2
26ac57c9f26ec725511c7c97a9e0e005aa46710311033eb3f5f23ba355f80cc7
26b8f5680df8c6ab979154885014a5872182283bc267ba2ea77f18072b2a8cbf
2e49e41f9966d268ace04217e1a12c1ee1717909802c3e23526a10f533cf6f32
301ada58813ba2aeb9eb068267a6e1f8df32023a45634e1a2dbaa80f7344d9bb
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3749e2e14699b96a00b8b63d470284ae35c438f63e7e90088534b763d735b378
3cec3efc7d33f7fa38e760f241c3a3a962ace6bad91fa976c88e9bdbe47c4d9d
3eac7ef484042aa095902f9b825934712a37a247833de999856ddfeb8650aef0
43a9f5c80bda92c64fc65994b2e90b1e3fc9b7421ae1660283908ee9d7f50c82
44356122b0915edd27f981063bccdccd709656abd3181959cdb86af445111d23
448b01fef2db422e0dcd2ff40c4a444b5ae89e9d3376f024aa14b462b7d84dc9
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
47b36eb029f6cf9e80b1d127237f0c060688e62193f156fafb5fc23a1d51ca84
493a68a0662400c06563870103bfe6cf488652cdb04494e56e734898e335ed45
49dafd224dfd66e81842a2d933b77252edc874f3ade51da703db93f311ebe1f2
4ab789e8c6ac5fe9081c27dcb65f11f5df74d2d68730bb48ffd96ac2328fdf89
5056ef5dc93abf192b870cb1eed5637115845eb412d300ac7b319e05e41bb515
5072ec4cc89b11018683fa9cee39aab20f6b4cb72519506ea164698b7ae1295f
50b44a83a02d180f9a7c26d0a154b37ad51b27013bf65829ec84ed53a731c6d8
56405c402c58ad8bf46649f63e24ca5a60de0e94581ff9aa40b46ee039abd673
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5c2a7e772d19e26c4ddc5db187fde5eca389a0798d5945d6f232e0de6d5209b7
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625cd6361645d20543cf19bdd8c4b23531b6b66fb21fb047b21c48ec7601e0e3
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68eaee1dfb1182af9bbb1cd60df98aceb32c2de546d8afe7f6480ac94679b350
6b8419f63bb4186ae86a73a201c75de3a4bbbcc1c2b7910443b02261a4b29174
6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68
7558b9eeeb5b669f38962273e76bade587ba5a6f5db75b6dca8295c4df501246
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
77879f54400e07c9d73fefd1e1e06fd736e7dbeffea7669790620753125671ff
780218bda13c8a2362d45ebec297989e456e2511e83aa574c1deeee9df6127fe
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79317f11dcdac37b3a021fd1e7a44aba3d372832c7aa1f6675178ac1d5e6cd48
7d1dddfe98f3efe4c9a8c5850633c84fa8a7d289bde28b30d33b98b87270c8b5
81c5aa804472f72c1277b1f38ec62c7dffa08698d1775e11779ab87680d9de88
838ef0cfa9936fb2d9c7510083e541ec786f56f855a0f3283706495e819ab666
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
84d66f031512c585f956ac391cf132ddbc40e4fd1b6c31dbf3d3338c803b84a6
87898f4646743fe337b451c9163c68a8e2cf61b75c0ceb8bdaf285b1cfccfa2a
87ecf2dff2703a7df135a58bc79054db7f75acefcaa51ec139724f353f7615eb
8c9da7b95b1bf0ab0cef9f38b3d87ab55fdfddc3b92305b40464b3309c91e70c
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8ee7830c5b6fcf588dd338e19cc0f305f8f2fd07d6189f09aa70748023d1ca08
914f1b518a071d40c4d872a8591b1d58cfdcd1bbed601d623447df76a9c203a5
91cf968eb18b505da5ddaa458c1309b864ccab0aea882d8587fd488f377dd708
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9902f43839f3c0a824bf83dedaf13c4ef991c935bc47746e4c8136bae0abfea7
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9c872d00dbdb6dc59630491808b83fe3deb0caf13b179e6132203042a6f9c680
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
aa70f0edea273b2e091c5bada7d5b4f01a165177b5821f936c0865510408891d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aae688be7ca4e3450b3934cef3d265c5ef00edd05b907b7c63a136bd8b07eef7
ab97d7ae9c9a1a80b3624f1d08029457444e5affd94ed65871a04b4ffb81bcd9
b1165511050c82f20eb56b6126170c3049a09c6f6af7da5496d6c6703797197e
b126fb14643f325a926ad3532c7d7426012dad8961a137c4f5a000ea3c3a6e91
b6fd6ec3cc006b8406eb6b3bd804e04233bee760b6883a0e2b4c2cebbb176e85
c1e82be726a2c4201fbd8ab4bca1fdc9aa23d334be46c2bd933204c8c51b7732
c92d391cd3f5f7f462aa97d1614a6e946e3877f9c47e34c5af0aed8fcab206d5
cbb2f445ff5ae07c7f40e2e524ed24fb659c86c2845911718023bdd8c724c2af
cd620a4c8eb6e2635f0a7dfffa81c68e87e7cdee9bb4ee267578da7c2b2bda9e
cea79b345caf49d6223098b8a2b04d70273e8d7c6b9e3d03cf7f7a267793e9aa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df
d6ba328a9faf1a69dc71ec709f371b28c856e2dec347637f1930257b033c910d
d72c19754947c05f42c35c3686995f025610a88ab9b6ab384063bb09b47ac869
d813c610e838425c47ff04f2db00c091f83e8817c61f4d9ed0e3062edd1a315d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d968ca24d2eed48f3bac3dfa785aa5d6c3f02c19b34600373862232783bfd93c
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e2c832be1bfb5540d907ef7482e962af0cdccf7726eb2e05b95522a88b4043e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e734e1e5c632eee2d001d3db86a0d3877abba6290ffe925841444d2003019924
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e80db8237050c92c698e5c785e747d32e079dfd8a759bedc80e7ac81102034c1
e8f20582bf9fc7335f30f8ba3542fd2121a682517228f5c71904362a07e8a4e8
e905288a71864cfe41873d8947d35acc24e14701260cfb98de63ece8fd602d1e
ea2a0a70897b8fff3df0cbd90408da4a590c4295e22387ea6cc467655d37db79
ec3e28d43a25488eaa3a0c7b33017c0b20a2f5f72a56a8fc38b6c71221cc2e64
ec67f7502e5a30d41b042b9d517cc86fd8ac60ed7f8331284047e7b08ff7fb5a
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ee933c90dffeda9cfb245b16c1b14ce0f5bcf36ed715b99f959372ebaa044d0a
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f731a0940866a9f92778bab6880e6a9d19fb4424f8e117abaa3183eeffc96225
f7d23811915778cdc3d917c415c23a23d985599ffd7a1eebbb1db6a83197d41f
f8a60c9a6eec316a41a29f63afe3ae2b552c8ab2867ee717f514620c65255cfe

www.mysavings.com Open in urlscan Pro 2606:4700:3108::ac42:28d4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

88 %HTTPS

42 %IPv6

33 Domains

58 Subdomains

55 IPs

5 Countries

3502 kBTransfer

10307 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.mysavings.com Open in urlscan Pro
2606:4700:3108::ac42:28d4 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

88 %
HTTPS

42 %
IPv6

33
Domains

58
Subdomains

55
IPs

5
Countries

3502 kB
Transfer

10307 kB
Size

17
Cookies

138 HTTP transactions
0 data transactions