www.more4momsbuck.com Open in urlscan Pro
2a00:1450:4001:811::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/7msidr
Effective URL:
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Submission: On June 18 via api (June 18th 2021, 6:06:02 pm UTC) from US

Summary HTTP 199 Redirects Links 81 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 66 domains to perform 199 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.more4momsbuck.com.

This is the only time www.more4momsbuck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:5384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	69.164.195.169 69.164.195.169	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:803::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
24	65.9.77.80 65.9.77.80	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	198.61.128.38 198.61.128.38	19994 (RACKSPACE) (RACKSPACE)
5	65.9.77.114 65.9.77.114	16509 (AMAZON-02) (AMAZON-02)
5	38.99.77.17 38.99.77.17	36323 (EZRI-36323) (EZRI-36323)
1	38.99.77.16 38.99.77.16	36323 (EZRI-36323) (EZRI-36323)
1	64.111.116.72 64.111.116.72	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	209.141.56.224 209.141.56.224	53667 (PONYNET) (PONYNET)
1 2	143.198.246.108 143.198.246.108	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3034::ac43:884f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	52.217.166.8 52.217.166.8	16509 (AMAZON-02) (AMAZON-02)
1	34.209.120.242 34.209.120.242	16509 (AMAZON-02) (AMAZON-02)
16	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 5	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8	104.197.67.28 104.197.67.28	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	104.111.233.227 104.111.233.227	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
4 4	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1 8	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
1 16	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.158.179.12 35.158.179.12	16509 (AMAZON-02) (AMAZON-02)
4 5	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.205.83.58 52.205.83.58	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	18.185.208.29 18.185.208.29	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.175 208.100.17.175	32748 (STEADFAST) (STEADFAST)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.48 124.146.215.48	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
7	65.9.77.76 65.9.77.76	16509 (AMAZON-02) (AMAZON-02)
7	65.9.84.43 65.9.84.43	16509 (AMAZON-02) (AMAZON-02)
2 2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
199	60

1 2606:4700:20::ac43:5384 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.164.195.169 (Richardson, United States) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

links.rafflecopter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.more4momsbuck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:803::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 65.9.77.80 (United States)

ASN16509 (AMAZON-02, US)

widget-prime.rafflecopter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.61.128.38 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

www.tomoson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.77.114 (United States)

ASN16509 (AMAZON-02, US)

i1353.photobucket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 38.99.77.17 (United States)

ASN36323 (EZRI-36323, US)
PTR: imagizer-cv.imageshack.us

img155.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img11.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img841.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img839.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img340.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.99.77.16 (United States)

ASN36323 (EZRI-36323, US)
PTR: imagizer-cv.imageshack.us

img651.imageshack.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.111.116.72 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: hipleasures.com

www.momselect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.141.56.224 (Las Vegas, United States)

ASN53667 (PONYNET, US)
PTR: b000.b000.banligo.com

www.myblogspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.198.246.108 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.usfamilyguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:884f (United States)

ASN13335 (CLOUDFLARENET, US)

www.sverve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap5ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.166.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.120.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-120-242.us-west-2.compute.amazonaws.com

badge.clevergirlscollective.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.197.67.28 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 28.67.197.104.bc.googleusercontent.com

members.one2onenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.140.199 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.77.19.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.179.12 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.63 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.207.25 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.83.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.208.29 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.227 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.175 (United States)

ASN32748 (STEADFAST, US)
PTR: ip175.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.48 (Yokohama, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.77.76 (United States)

ASN16509 (AMAZON-02, US)

customizer-css.rafflecopter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.84.43 (United States)

ASN16509 (AMAZON-02, US)

d1bg42r4siwejx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.filepicker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	rafflecopter.com 2 redirects links.rafflecopter.com widget-prime.rafflecopter.com customizer-css.rafflecopter.com	999 KB
21	lijit.com 3 redirects ap.lijit.com gslbeacon.lijit.com vap5ams1.lijit.com pxdrop.lijit.com ce.lijit.com	42 KB
16	gumgum.com 1 redirects rtb.gumgum.com	5 KB
16	facebook.net connect.facebook.net	621 KB
12	blogblog.com resources.blogblog.com	6 KB
12	blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com	2 MB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
8	one2onenetwork.com members.one2onenetwork.com	835 KB
8	blogger.com www.blogger.com	600 KB
7	cloudfront.net d1bg42r4siwejx.cloudfront.net	11 KB
7	google.com apis.google.com adservice.google.com www.google.com	150 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
6	imageshack.us img155.imageshack.us img651.imageshack.us img11.imageshack.us img841.imageshack.us img839.imageshack.us img340.imageshack.us
5	outbrain.com 4 redirects sync.outbrain.com	2 KB
5	owneriq.net 2 redirects px.owneriq.net	13 KB
5	photobucket.com i1353.photobucket.com	13 KB
4	bidswitch.net 3 redirects x.bidswitch.net	1 KB
4	crwdcntrl.net 4 redirects bcp.crwdcntrl.net	2 KB
4	facebook.com 2 redirects www.facebook.com graph.facebook.com	774 B
4	google-analytics.com www.google-analytics.com	26 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	fbcdn.net scontent-frx5-2.xx.fbcdn.net	2 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	628 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	360yield.com 2 redirects ad.360yield.com	617 B
2	openx.net 2 redirects us-u.openx.net	637 B
2	avads.net 2 redirects ads.avads.net	559 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	contextweb.com 2 redirects bh.contextweb.com	713 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	tapad.com 1 redirects pixel.tapad.com	916 B
2	amazonaws.com s3.amazonaws.com	720 B
2	usfamilyguide.com 1 redirects www.usfamilyguide.com	296 B
2	tomoson.com 1 redirects www.tomoson.com	333 B
2	googletagmanager.com 1 redirects www.googletagmanager.com	37 KB
2	more4momsbuck.com www.more4momsbuck.com	33 KB
1	filepicker.io www.filepicker.io	266 KB
1	socdm.com 1 redirects tg.socdm.com	689 B
1	emxdgt.com cs.emxdgt.com
1	33across.com ssc-cms.33across.com
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	318 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	469 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	833 B
1	stackadapt.com sync.srv.stackadapt.com	168 B
1	bidr.io match.prod.bidr.io	430 B
1	rubiconproject.com pixel-eu.rubiconproject.com	239 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	270 B
1	media.net contextual.media.net	371 B
1	quantserve.com 1 redirects pixel.quantserve.com	596 B
1	eyeota.net ps.eyeota.net	344 B
1	googleapis.com fonts.googleapis.com	474 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	663 B
1	clevergirlscollective.com badge.clevergirlscollective.com	271 B
1	sverve.com www.sverve.com	41 KB
1	myblogspark.com www.myblogspark.com
1	momselect.com www.momselect.com	18 KB
1	is.gd 1 redirects is.gd	607 B
199	66

	Domain	Requested by
24	widget-prime.rafflecopter.com	www.more4momsbuck.com widget-prime.rafflecopter.com
16	rtb.gumgum.com	1 redirects gslbeacon.lijit.com rtb.gumgum.com
16	connect.facebook.net	www.more4momsbuck.com connect.facebook.net widget-prime.rafflecopter.com
12	resources.blogblog.com	www.more4momsbuck.com www.blogger.com
9	ap.lijit.com	2 redirects www.more4momsbuck.com ap.lijit.com gslbeacon.lijit.com
8	ce.lijit.com	1 redirects www.more4momsbuck.com gslbeacon.lijit.com rtb.gumgum.com
8	members.one2onenetwork.com	www.more4momsbuck.com members.one2onenetwork.com
8	www.blogger.com	www.more4momsbuck.com apis.google.com www.blogger.com
7	d1bg42r4siwejx.cloudfront.net	www.more4momsbuck.com widget-prime.rafflecopter.com
7	customizer-css.rafflecopter.com	widget-prime.rafflecopter.com
7	pagead2.googlesyndication.com	www.more4momsbuck.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	sync.outbrain.com	4 redirects rtb.gumgum.com
5	px.owneriq.net	2 redirects www.more4momsbuck.com px.owneriq.net
5	i1353.photobucket.com	www.more4momsbuck.com
5	3.bp.blogspot.com	www.more4momsbuck.com
5	apis.google.com	www.more4momsbuck.com apis.google.com www.blogger.com
4	x.bidswitch.net	3 redirects rtb.gumgum.com
4	cm.g.doubleclick.net	3 redirects rtb.gumgum.com
4	bcp.crwdcntrl.net	4 redirects
4	www.google-analytics.com	www.more4momsbuck.com
4	2.bp.blogspot.com	www.more4momsbuck.com
3	match.adsrvr.org	2 redirects rtb.gumgum.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	scontent-frx5-2.xx.fbcdn.net	www.more4momsbuck.com
2	graph.facebook.com	2 redirects
2	creativecdn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.1rx.io	2 redirects
2	ad.360yield.com	2 redirects
2	us-u.openx.net	2 redirects
2	ads.avads.net	2 redirects
2	secure.adnxs.com	2 redirects
2	bh.contextweb.com	2 redirects
2	p.rfihub.com	2 redirects
2	pixel.tapad.com	1 redirects www.more4momsbuck.com
2	vap5ams1.lijit.com	www.more4momsbuck.com
2	www.facebook.com	www.more4momsbuck.com connect.facebook.net
2	s3.amazonaws.com	www.more4momsbuck.com
2	www.usfamilyguide.com	1 redirects www.more4momsbuck.com
2	www.tomoson.com	1 redirects www.more4momsbuck.com
2	1.bp.blogspot.com	www.more4momsbuck.com
2	www.googletagmanager.com	1 redirects www.more4momsbuck.com
2	www.more4momsbuck.com	www.more4momsbuck.com
2	links.rafflecopter.com	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	image6.pubmatic.com	ads.pubmatic.com
1	www.filepicker.io	widget-prime.rafflecopter.com
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	ssc-cms.33across.com	rtb.gumgum.com
1	ads.pubmatic.com	rtb.gumgum.com
1	sync.mathtag.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	rtb.gumgum.com
1	match.prod.bidr.io	gslbeacon.lijit.com
1	pixel-eu.rubiconproject.com	gslbeacon.lijit.com
1	pixel-sync.sitescout.com	1 redirects
1	contextual.media.net	gslbeacon.lijit.com
1	pixel.quantserve.com	1 redirects
1	ps.eyeota.net	www.more4momsbuck.com
1	pxdrop.lijit.com	www.more4momsbuck.com
1	gslbeacon.lijit.com	ap.lijit.com
1	fonts.googleapis.com	members.one2onenetwork.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	badge.clevergirlscollective.com	www.more4momsbuck.com
1	img340.imageshack.us	www.more4momsbuck.com
1	img839.imageshack.us	www.more4momsbuck.com
1	img841.imageshack.us	www.more4momsbuck.com
1	www.sverve.com	www.more4momsbuck.com
1	img11.imageshack.us	www.more4momsbuck.com
1	www.myblogspark.com	www.more4momsbuck.com
1	www.momselect.com	www.more4momsbuck.com
1	img651.imageshack.us	www.more4momsbuck.com
1	img155.imageshack.us	www.more4momsbuck.com
1	4.bp.blogspot.com	www.more4momsbuck.com
1	is.gd	1 redirects
199	87

This site contains links to these domains. Also see Links.

Domain
3.bp.blogspot.com
www.vansfoods.com
2.bp.blogspot.com
www.blogger.com
1.bp.blogspot.com
www.dunkindonuts.com
www.renuzit.com
www.tomoson.com
shop.greatergood.com
www.purex.com
www.dialsoap.com
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.myblogspark.com
www.usfamilyguide.com
www.sverve.com
www.netvibes.com
add.my.yahoo.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.rafflecopter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.tomoson.com Go Daddy Secure Certificate Authority - G2	`2020-10-03` - `2021-11-04`	a year	crt.sh
usfamilyguide.com R3	`2021-06-12` - `2021-09-10`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.cannababes.com COMODO RSA Domain Validation Secure Server CA	`2018-07-03` - `2020-07-02`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.eyeota.net R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.filepicker.io R3	`2021-06-11` - `2021-09-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 27 frames:

Primary Page: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Frame ID: 17170297AE1E2F86605A317966811B81
Requests: 80 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Frame ID: 6451320133B09E7DF164FD671EFD3358
Requests: 5 HTTP requests in this frame

Frame: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Frame ID: 188A871E02B7E508E0A18EC472E5178B
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: EAD78CF6141D5B49652120D2A62C9CC2
Requests: 11 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 41FCDEAD05C259FA7B70CC7D19109CEA
Requests: 10 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 37A6C0F31ACDB3B65D4D3F4DC27F2391
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: FBF42E617FF0FF7AAA086ED2E3FBACA4
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 4924F03CB6D6D86B7CB46A26D2BF870A
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: AD7312E5D11E34EA7B5B24D0B45DB531
Requests: 8 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 50619845BD372106F7013CC95E431924
Requests: 7 HTTP requests in this frame

Frame: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Frame ID: 1D762526D895746AE5139A68D07EC55C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8681530136578467&output=html&h=125&slotname=8212577050&adk=399848373&adf=2881044700&pi=t.ma~as.8212577050&w=125&lmt=1624019373&url=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&flash=0&host=pub-1556223355139109&wgl=1&dt=1624039535592&bpp=13&bdt=210&idt=503&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=906524652005&frm=20&pv=2&ga_vid=1924400077.1624039536&ga_sid=1624039536&ga_hid=1098577699&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31060047&oid=3&pvsid=4095168329263127&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ikD4ewlsSp&p=http%3A//www.more4momsbuck.com&dtd=518
Frame ID: 7BA4971F11B94AB9259EF3508E4D2494
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: 2710F59A0D9F474D227478080061C5B9
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Frame ID: 44E7C794E006C307D9FB1775B34ED4EB
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 4F192FF43557581C62E64D221CBC45F8
Requests: 16 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=cabf60cc-e074-4b00-86f1-7d34217b2835&gdpr=1&gdpr_consent=
Frame ID: 17FB77C78A10997E4BBF07EFA162394A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YMzgdAABrAzwIQBg&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg
Frame ID: 6C549DB91311EB35249D5B193022E04E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: C8124E01FBC7FD7028506543A941EB40
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 59279432D61700AC86866081918BF557
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 2B68E6F93E907370ECCC8CD1D1F5886B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 1872E81F4E8A116E59C0E7C670628D0F
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 45D02168C147EE5BDC244144EF53388D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YMzgecCo8XgAAIBUMAsAAAAA
Frame ID: 8AD270459F8F265E1DE8CBF5D727DD25
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827871763332415
Frame ID: 44D60A696014BD889F63CABD1438787E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=wdC1THItw2CNoWGEjosu&pi=gumgum&tc=1
Frame ID: F3031A3A9F8E56D4908D43116DE2575F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 3C11EF4687E006AD85285083B25036FB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52E6187C9E9557FBA4827E4B976179E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://is.gd/7msidr HTTP 301
http://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.m... HTTP 301
https://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.m... HTTP 301
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

199
Requests

81 %
HTTPS

33 %
IPv6

66
Domains

87
Subdomains

60
IPs

8
Countries

5565 kB
Transfer

11054 kB
Size

0
Cookies

81 Outgoing links

These are links going to different origins than the main page.

URL: https://3.bp.blogspot.com/-DWMwLoWj5iA/V6yJhCFwjKI/AAAAAAAAKWY/MeW_4P-24ScxhUBHnbhbb3hX_7pvzdNhQCLcB/s1600/vans%2Bwaffles%2Bnew.jpg

Search URL Search Domain Scan URL

URL: http://www.vansfoods.com/
Title: Van’s Foods

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-b0XQJ9dvsX8/V6kc9R9HYBI/AAAAAAAAKV4/EWsjP6QOqwoqIPkThwmqfKjfLWEKq8T6wCLcB/s1600/vans%2Bwaffles.png

Search URL Search Domain Scan URL

URL: http://www.vansfoods.com/store-locator
Title: http://www.vansfoods.com/store-locator

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=4314623122125385118&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4314623122125385118&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-k4v0HpwGcfA/VvC6eLHG51I/AAAAAAAAKRc/upkNPWtaC7Q1Zsk1goJBDMrQNJF3GfG6A/s1600/DSC03999.JPG

Search URL Search Domain Scan URL

URL: http://www.dunkindonuts.com/
Title: Dunkin’ Donuts GranDDe Burrito

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=2559517138068040633&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=2559517138068040633&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/--SIWIeUY5Zk/VWdZRmOvNYI/AAAAAAAAKHU/tPz_WZbOjkU/s1600/IMG_1901.JPG

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-tiIZcMozgmQ/VWdZ7wOZ-eI/AAAAAAAAKHc/fW0G1CrZEgU/s1600/renuzit.jpg

Search URL Search Domain Scan URL

URL: https://www.renuzit.com/product/pearl-scents/
Title: Renuzit Pearl Scents

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=6434553245353728674&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=6434553245353728674&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://www.tomoson.com/?code=TOPc8cf961c3e0f07636326f336db3d1f31

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-onXUF4WnJpk/VUELU0pOJCI/AAAAAAAAKDQ/Y7DHnWTS-qQ/s1600/broadwalk%2Bbread.JPG

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-njtuBccKAM0/VUJyACUqVnI/AAAAAAAAKDk/1LUUnlmDGi4/s1600/IMG_1378.JPG

Search URL Search Domain Scan URL

URL: http://www.tomoson.com/?code=BOTTOMc8cf961c3e0f07636326f336db3d1f31

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=5237242149596847817&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=5237242149596847817&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-xRrGBPf5TPU/VTUwKVXuA6I/AAAAAAAAKCY/osXbKVuCHW0/s1600/greatergoodcollage.jpg

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/
Title: GreaterGood

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/jewelry/
Title: jewelry

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/jewelry/multigem/
Title: multi-gem bracelet

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/breast-cancer/
Title: Breast Cancer

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/autism/
Title: Autism Awareness

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/veterans/
Title: Veterans

Search URL Search Domain Scan URL

URL: http://1.bp.blogspot.com/-HQHyQ6YSOIs/VTU13D8_sDI/AAAAAAAAKCo/cEFZz7_etRA/s1600/mothers%2Bday%2Bgreatergood.jpg

Search URL Search Domain Scan URL

URL: http://shop.greatergood.com/india-multi-gems-bracelet/s/
Title: multi-gem bracelet

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=307315048534856232&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=307315048534856232&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-qQGXMrSOKN4/VTAF_9iaYWI/AAAAAAAAKB4/AaT0-qnnJUY/s1600/scentsplash.jpg

Search URL Search Domain Scan URL

URL: http://www.purex.com/products/fragrance-boosters/purex-crystals-scentsplash/
Title: Purex Crystals ScentSplash

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=4568565177670215748&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=4568565177670215748&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-iQfPZ9CmoeI/VSg6ZT1VVBI/AAAAAAAAKA8/jom4UqxFVq4/s1600/miracle%2Boil.jpg

Search URL Search Domain Scan URL

URL: http://www.dialsoap.com/products/miracle-oil-marula-oil-infused-liquid-hand-soap
Title: Dial Miracle Oil Hand Soap

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3261223850769490648&postID=3881313169006416000&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=3261223850769490648&postID=3881313169006416000&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/More-4-Moms-Buck/152981848065368

Search URL Search Domain Scan URL

URL: http://twitter.com/more4momsbuck/

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/112807694890084981689/posts

Search URL Search Domain Scan URL

URL: http://pinterest.com/more4momsbuck

Search URL Search Domain Scan URL

URL: http://www.myblogspark.com/

Search URL Search Domain Scan URL

URL: http://www.usfamilyguide.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.sverve.com/profile/Cristine-Struble-NjM2MQ==

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fposts%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/content?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fposts%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fcomments%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/content?url=http%3A%2F%2Fwww.more4momsbuck.com%2Ffeeds%2Fcomments%2Fdefault
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/7msidr HTTP 301
http://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review HTTP 301
https://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review HTTP 301
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias

Request Chain 19

http://www.tomoson.com/images/front/pixel.png HTTP 301
https://www.tomoson.com/images/front/pixel.png

Request Chain 37

http://www.usfamilyguide.com/graphics/USFGmemberbadge.png HTTP 301
https://www.usfamilyguide.com/graphics/USFGmemberbadge.png

Request Chain 40

http://ap.lijit.com/www/delivery/fpi.js HTTP 301
https://ap.lijit.com/www/delivery/fpi.js

Request Chain 48

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 56

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 65

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1924400077&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=1098577699&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1924400077.1624039536.1624039536.1624039536.1%3B%2B__utmz%3D70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1924400077&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=1098577699&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1924400077.1624039536.1624039536.1624039536.1%3B%2B__utmz%3D70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 69

http://www.google-analytics.com/collect?v=1&_v=j90&a=1098577699&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1924400077.1624039536.1624039536.1624039536.1&_utmz=70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624039536006&_u=YSBCgEABC~&jid=92988860&gjid=805139789&cid=1924400077.1624039536&tid=UA-53521312-22&_gid=110257255.1624039536&z=860430802 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j90&a=1098577699&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1924400077.1624039536.1624039536.1624039536.1&_utmz=70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624039536006&_u=YSBCgEABC~&jid=92988860&gjid=805139789&cid=1924400077.1624039536&tid=UA-53521312-22&_gid=110257255.1624039536&z=860430802

Request Chain 87

https://px.owneriq.net/eps?pt=igpkg3&pid=8972&uid=Q6773259361404246867J&l=true HTTP 302
https://px.owneriq.net/noop?ct=text%2Fhtml

Request Chain 88

https://px.owneriq.net/j/?ref=http://www.more4momsbuck.com/search/label/giveaway.%2520product%2520review&pt=igpkg3&t=f%7C%22More%25204%2520Mom%253A%2520giveaway.%2520product%2520review%22&s=ba2e HTTP 302
https://px.owneriq.net/noop?ct=application%2Fx-javascript

Request Chain 116

https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=43691e3cb13fef810b7db6f7&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=43691e3cb13fef810b7db6f7&gdpr=1&gdpr_consent=

Request Chain 118

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=

Request Chain 120

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597495978896625

Request Chain 121

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=BjfEIVU3kHIdMsVyAzSKe1ZhkSQdYcF1BjU2ErAT

Request Chain 122

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NDM2OTFlM2NiMTNmZWY4MTBiN2RiNmY3&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NDM2OTFlM2NiMTNmZWY4MTBiN2RiNmY3&gdpr=1&google_tc= HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 123

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=RA1CtfvsIJbq&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 125

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 127

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=&dnr=1

Request Chain 133

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1627760812821377677

Request Chain 135

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd&obuid=ENC(s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://x.bidswitch.net/sync?ssp=outbrain&user_id=s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0 HTTP 302
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=outbrain&bidswitch_param=d74fab18-1dcb-421b-8060-dd551a046949&gdpr=&gdpr_consent= HTTP 302
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=outbrain&bidswitch_param=d74fab18-1dcb-421b-8060-dd551a046949&av_tc=True HTTP 302
https://x.bidswitch.net/sync?dsp_id=352&user_id=dc7eb15f-f86a-4638-8920-824cf1e0e5e1&expires=2&ssp=outbrain&bsw_param=d74fab18-1dcb-421b-8060-dd551a046949 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d74fab18-1dcb-421b-8060-dd551a046949&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d74fab18-1dcb-421b-8060-dd551a046949&rdrctExp=true

Request Chain 136

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=559ccea6-f3be-4ae2-b288-9f16914f3b5e

Request Chain 138

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-jdXiwqtE2pfQwmVWTEWxg2w1_u5uk40rDOQh~A

Request Chain 139

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=cada5a24-d05f-11eb-bffa-b9a578538c0d

Request Chain 142

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

Request Chain 143

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=404f3055-e002-47f1-9b82-d4ea3a72c7d3

Request Chain 144

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4974627715 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4974627715 HTTP 302
https://sync.1rx.io/usersync/tradedesk/cfc66d0a-e790-4b35-8710-0a1cdbe1f59e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7dd10358-8a85-4786-9c0a-46725bb467c8-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7dd10358-8a85-4786-9c0a-46725bb467c8-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dd10358-8a85-4786-9c0a-46725bb467c8-003

Request Chain 145

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=4QQzIUtMMrA3&ev=1&pid=558355

Request Chain 146

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=1367007220574715359&gdpr=1&gdpr_consent=

Request Chain 148

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=cabf60cc-e074-4b00-86f1-7d34217b2835&gdpr=1&gdpr_consent=

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YMzgdAABrAzwIQBg&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 155

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YMzgecCo8XgAAIBUMAsAAAAA

Request Chain 156

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=2159827871763332415

Request Chain 157

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=wdC1THItw2CNoWGEjosu&pi=gumgum&tc=1

Request Chain 161

https://graph.facebook.com/v2.2/934893306639366/picture?type=small HTTP 302
https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scontent-frx5-2.xx&tp=27&oh=865b2c2c059df77a3bb755fc0b0a833d&oe=60D166B8

Request Chain 176

https://graph.facebook.com/v2.2/697885777/picture?type=small HTTP 302
https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scontent-frx5-2.xx&tp=27&oh=865b2c2c059df77a3bb755fc0b0a833d&oe=60D166B8

199 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request giveaway.%20product%20review Show response
www.more4momsbuck.com/search/label/
Redirect Chain

https://is.gd/7msidr
http://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review
https://links.rafflecopter.com/rcapi/v1/raffles/~0e00b4235/?e=1364130031ece8f62a901e9c&u=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review
http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

177 KB
31 KB

233ms
207ms

Document
text/html

2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

afa601bcdf704efd760c42eeea130d17b59f5794961b7da4b713f189b9584c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.more4momsbuck.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Fri, 18 Jun 2021 18:05:35 GMT
Date: Fri, 18 Jun 2021 18:05:35 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 18 Jun 2021 12:29:33 GMT
ETag: W/"efc1019b7622a646f42f6094d5a15560a6f6dd8024d48a794926fcc821c52894"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 31034
Server: GSE

Redirect headers

Server: nginx/1.4.5
Date: Fri, 18 Jun 2021 18:05:35 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Set-Cookie: rta_refr=; domain=.rafflecopter.com; max-age=432000; path=/; httponly raflrefer=1364130031ece8f62a901e9c; domain=.rafflecopter.com; max-age=432000; path=/; httponly

GET
H2 200 3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 28ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 12:12:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 16:00:59 GMT
server: sffe
age: 193970
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Thu, 16 Jun 2022 12:12:45 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b860e937b76fda2dd6bd18f7772588562f1b6cf93b8ebb59605f0bb974be3946

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HzmBN5BdTeVRAMSFBeiCNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6d4b82cd3380844627edbfe403a4c3f9"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-HzmBN5BdTeVRAMSFBeiCNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Jun 2021 18:05:35 GMT

GET
H/1.1 200
OK logo%2Bsmall.jpg
4.bp.blogspot.com/-v3RDKZC4NPk/V7SzcMH1KtI/AAAAAAAAKYc/W4e5w8zGoGMvBpKaPNFRKuPR7Rx4rNppACK4B/s1600/ 56 KB
57 KB 26ms
18ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-v3RDKZC4NPk/V7SzcMH1KtI/AAAAAAAAKYc/W4e5w8zGoGMvBpKaPNFRKuPR7Rx4rNppACK4B/s1600/logo%2Bsmall.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b9ea211ae5e16230bd91d1e79c2267c4af0644ce40bdb4e6ddd7036baf21fad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2988"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="logo small.jpg"
Timing-Allow-Origin: *
Content-Length: 57738
X-XSS-Protection: 0
Expires: Fri, 18 Jun 2021 06:55:01 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
595 B 10ms
7ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:45:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 15:55:50 GMT
server: sffe
age: 537593
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Sat, 19 Jun 2021 12:45:42 GMT

GET
H2 200 vans%2Bwaffles%2Bnew.jpg
3.bp.blogspot.com/-DWMwLoWj5iA/V6yJhCFwjKI/AAAAAAAAKWY/MeW_4P-24ScxhUBHnbhbb3hX_7pvzdNhQCLcB/s320/ 24 KB
24 KB 25ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-DWMwLoWj5iA/V6yJhCFwjKI/AAAAAAAAKWY/MeW_4P-24ScxhUBHnbhbb3hX_7pvzdNhQCLcB/s320/vans%2Bwaffles%2Bnew.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

89f45c1dc292c651416a90fbd5f3585a3be03f3ef8da8bfc6e840b93b5d441bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="vans waffles new.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24069
x-xss-protection: 0
server: fife
etag: "v2968"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H2 200 vans%2Bwaffles.png
2.bp.blogspot.com/-b0XQJ9dvsX8/V6kc9R9HYBI/AAAAAAAAKV4/EWsjP6QOqwoqIPkThwmqfKjfLWEKq8T6wCLcB/s320/ 41 KB
41 KB 32ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-b0XQJ9dvsX8/V6kc9R9HYBI/AAAAAAAAKV4/EWsjP6QOqwoqIPkThwmqfKjfLWEKq8T6wCLcB/s320/vans%2Bwaffles.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

608a08d270843ea76943c0344017b6ec948e45cbb67042190f4db5d4ebd35c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 16:02:14 GMT
x-content-type-options: nosniff
age: 7401
content-disposition: inline;filename="vans waffles.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41873
x-xss-protection: 0
server: fife
etag: "v295f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK launch.js Show response
widget-prime.rafflecopter.com/ 361 B
805 B 134ms
33ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/launch.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 23:14:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 21 Nov 2014 19:12:16 GMT
Server: AmazonS3
Age: 9053473
ETag: "b3e777548d0e13cf1e51d04dc16be5c7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Cache-Control: max-age=7200, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 257
X-Amz-Cf-Id: 8bPb9oK5NqnNz8HYm4lwNkQ2WeCHL46kHOlcWFkhXjAuDV2xAGQCVg==

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
298 B 9ms
6ms Image
image/gif 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:45:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 537613
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Sat, 19 Jun 2021 12:45:22 GMT

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias
https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias

101 KB
36 KB

14ms
14ms

Script
application/javascript

2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9c56bf40c7dc06f00f7a70e6466cb0768900ff116d108f96a8c0ea6730215b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37137
x-xss-protection: 0
expires: Fri, 18 Jun 2021 18:05:35 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias
Date: Fri, 18 Jun 2021 18:05:35 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 271
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 126ms
112ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3261223850769490648&zx=4cb58a9a-28e5-4325-8b90-b9fad9031f00

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 18:05:35 GMT
server: GSE
date: Fri, 18 Jun 2021 18:05:35 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 141 KB
49 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50591
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 14:59:06 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 54 KB
17 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 19:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17642
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 19:29:38 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 11ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 05:36:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 44918
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Fri, 02 Jul 2021 05:36:57 GMT

GET
H3-29 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
424 B 9ms
8ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:08:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 12:01:22 GMT
server: sffe
age: 557838
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Sat, 19 Jun 2021 07:08:17 GMT

GET
H3-29 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
116 B 9ms
7ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:09:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 561350
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Sat, 19 Jun 2021 06:09:45 GMT

GET
H3-29 200 navbar.g Show response
www.blogger.com/ Frame 6451 7 KB
3 KB 585ms
584ms Document
text/html 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0d3221b12c4cbd929794b59cf228a9fdd32815da4ef080af458cfc2cec87ead

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jun 2021 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2591
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 DSC03999.JPG
1.bp.blogspot.com/-k4v0HpwGcfA/VvC6eLHG51I/AAAAAAAAKRc/upkNPWtaC7Q1Zsk1goJBDMrQNJF3GfG6A/s320/ 23 KB
23 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-k4v0HpwGcfA/VvC6eLHG51I/AAAAAAAAKRc/upkNPWtaC7Q1Zsk1goJBDMrQNJF3GfG6A/s320/DSC03999.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d0f13a22131fd2ed2bf9740816774446888e3f3f3aadaa1a46ebdc4ff5c0c199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 16:02:14 GMT
x-content-type-options: nosniff
age: 7401
content-disposition: inline;filename="DSC03999.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23388
x-xss-protection: 0
server: fife
etag: "v2918"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK renuzit.jpg
2.bp.blogspot.com/-tiIZcMozgmQ/VWdZ7wOZ-eI/AAAAAAAAKHc/fW0G1CrZEgU/s320/ 31 KB
32 KB 25ms
20ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-tiIZcMozgmQ/VWdZ7wOZ-eI/AAAAAAAAKHc/fW0G1CrZEgU/s320/renuzit.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22879d796f880eb320552b4033f48b14d044622f0b1132dea8006e4ec4387507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2878"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="renuzit.jpg"
Timing-Allow-Origin: *
Content-Length: 32123
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK launch.js Show response
widget-prime.rafflecopter.com/ 361 B
805 B 70ms
50ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://widget-prime.rafflecopter.com/launch.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 23:14:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 21 Nov 2014 19:12:16 GMT
Server: AmazonS3
Age: 9053473
ETag: "b3e777548d0e13cf1e51d04dc16be5c7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 084f866feba2345e668d9a32662696cf.cloudfront.net (CloudFront)
Cache-Control: max-age=7200, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 257
X-Amz-Cf-Id: QimjsZOiXc0T_kLdtF_55aJj97KS1UYcyHJFFQnC0lAnTFBtskxpXw==

GET
H/1.1

404
Not Found

pixel.png
www.tomoson.com/images/front/
Redirect Chain

http://www.tomoson.com/images/front/pixel.png
https://www.tomoson.com/images/front/pixel.png

0
0

395ms
167ms

Image
text/html

198.61.128.38
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tomoson.com/images/front/pixel.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.61.128.38 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

Redirect headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.tomoson.com/images/front/pixel.png
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=150
Content-Length: 254
Expires: Fri, 18 Jun 2021 18:05:35 GMT

GET
H/1.1 200
OK broadwalk%2Bbread.JPG
2.bp.blogspot.com/-onXUF4WnJpk/VUELU0pOJCI/AAAAAAAAKDQ/Y7DHnWTS-qQ/s1600/ 360 KB
361 KB 26ms
20ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-onXUF4WnJpk/VUELU0pOJCI/AAAAAAAAKDQ/Y7DHnWTS-qQ/s1600/broadwalk%2Bbread.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

512f3ebe424f60dc4d784147ace0f1f236585a6e6182700dc0241dffed4008bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2835"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="broadwalk bread.JPG"
Timing-Allow-Origin: *
Content-Length: 368956
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK IMG_1378.JPG
3.bp.blogspot.com/-njtuBccKAM0/VUJyACUqVnI/AAAAAAAAKDk/1LUUnlmDGi4/s1600/ 359 KB
359 KB 14ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-njtuBccKAM0/VUJyACUqVnI/AAAAAAAAKDk/1LUUnlmDGi4/s1600/IMG_1378.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

10255a28643d2fa90d8f5d718322a760315369349d54b86127babd5f481f1dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 16:02:14 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 7401
ETag: "v283a"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_1378.JPG"
Timing-Allow-Origin: *
Content-Length: 367143
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK greatergoodcollage.jpg
3.bp.blogspot.com/-xRrGBPf5TPU/VTUwKVXuA6I/AAAAAAAAKCY/osXbKVuCHW0/s1600/ 106 KB
107 KB 26ms
20ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-xRrGBPf5TPU/VTUwKVXuA6I/AAAAAAAAKCY/osXbKVuCHW0/s1600/greatergoodcollage.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e3f7c911d1582b04745a69d60e851f4c10cf086eb9ff6a29e4417e217881518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2827"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="greatergoodcollage.jpg"
Timing-Allow-Origin: *
Content-Length: 108948
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK mothers%2Bday%2Bgreatergood.jpg
1.bp.blogspot.com/-HQHyQ6YSOIs/VTU13D8_sDI/AAAAAAAAKCo/cEFZz7_etRA/s1600/ 130 KB
130 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-HQHyQ6YSOIs/VTU13D8_sDI/AAAAAAAAKCo/cEFZz7_etRA/s1600/mothers%2Bday%2Bgreatergood.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70a268b8c61b80484f66c3f1b846a8cac2b16b3d26d81cb333992275e4657431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 16:02:14 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 7401
ETag: "v282b"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mothers day greatergood.jpg"
Timing-Allow-Origin: *
Content-Length: 132972
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:58 GMT

GET
H/1.1 200
OK scentsplash.jpg
3.bp.blogspot.com/-qQGXMrSOKN4/VTAF_9iaYWI/AAAAAAAAKB4/AaT0-qnnJUY/s1600/ 309 KB
309 KB 27ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-qQGXMrSOKN4/VTAF_9iaYWI/AAAAAAAAKB4/AaT0-qnnJUY/s1600/scentsplash.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7301da263f1eeb82d977395738fc9c1969d941ae548d5e0a2ea30e2abf9881a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v281f"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="scentsplash.jpg"
Timing-Allow-Origin: *
Content-Length: 316379
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK miracle%2Boil.jpg
2.bp.blogspot.com/-iQfPZ9CmoeI/VSg6ZT1VVBI/AAAAAAAAKA8/jom4UqxFVq4/s1600/ 196 KB
196 KB 28ms
23ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-iQfPZ9CmoeI/VSg6ZT1VVBI/AAAAAAAAKA8/jom4UqxFVq4/s1600/miracle%2Boil.jpg

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

943d646e594ac17f3685f072a480b07754d72d2fb595e9b7afaf5f8e9c440ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v2810"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="miracle oil.jpg"
Timing-Allow-Origin: *
Content-Length: 200448
X-XSS-Protection: 0
Expires: Sat, 19 Jun 2021 11:42:59 GMT

GET
H/1.1 200
OK more-for-moms-buck-facebook_zps39235c70.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
2 KB 100ms
47ms Image
image/webp 65.9.77.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/more-for-moms-buck-facebook_zps39235c70.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: 1ecf4e3f907eba818100c2ccc71baf8dd6c1bd9b0cd1772cb58a86adb946b128

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:48:46 GMT
Via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
Age: 393409
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="more-for-moms-buck-facebook_zps39235c70.webp"
Connection: keep-alive
Content-Length: 1682
X-Request-Id: 9Qkq5nKtKjmEftLSPt3Ac
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zTY4ggFagAYkjw9xREVhWMBQT2ABC2-hr-ZAI0oijveSrB6mJTFUZg==
Expires: Mon, 14 Jun 2021 05:48:46 GMT

GET
H/1.1 200
OK more-for-moms-buck-contact_zps18b89e8c.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
3 KB 113ms
63ms Image
image/webp 65.9.77.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/more-for-moms-buck-contact_zps18b89e8c.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: f63b64f6e667b334b1656d61ac15b4c9f1a2d559660dd8c7ed90933916e10351

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:48:46 GMT
Via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
Age: 393409
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="more-for-moms-buck-contact_zps18b89e8c.webp"
Connection: keep-alive
Content-Length: 2468
X-Request-Id: NNUC9AVOmFs9dODJdwQO3
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: eA0Ge8yT4OMCL1CsMrAV0X8lNAka_XAOWgVT1mdreIJFsS8IUuYcfg==
Expires: Mon, 14 Jun 2021 05:48:46 GMT

GET
H/1.1 200
OK more-for-moms-buck-twitter_zpsab7fd7ad.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
2 KB 93ms
46ms Image
image/webp 65.9.77.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/more-for-moms-buck-twitter_zpsab7fd7ad.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: b01bd450c0e2a1f95217c2b29b20fbcb92b46384f2019fe230c3c2325d52a530

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:48:46 GMT
Via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
Age: 393409
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="more-for-moms-buck-twitter_zpsab7fd7ad.webp"
Connection: keep-alive
Content-Length: 1628
X-Request-Id: CJs30OjVckRVewNU9BXE3
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FHNqHEud5EqUXJPznwILyGF5c9uDA_htSb40foSlwDnrrl1XBVvc0Q==
Expires: Mon, 14 Jun 2021 05:48:46 GMT

GET
H/1.1 200
OK google1_zpse0209f95.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
3 KB 94ms
47ms Image
image/webp 65.9.77.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/google1_zpse0209f95.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: 9a201d1da0b25de21554b10225d744d0c136817d1d08e79a4be09419154c06fd

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 10:16:58 GMT
Via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
Age: 114517
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="google1_zpse0209f95.webp"
Connection: keep-alive
Content-Length: 1974
X-Request-Id: _UAC4-jqKnlCb6H_i3R0v
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: L_FosRZAIkJLChxX2kHkAW3Y6NUtqRAfDHXnjQMUcFZ1q09Y2tQQMw==
Expires: Thu, 17 Jun 2021 11:16:58 GMT

GET
H/1.1 200
OK pinterest1_zpsebfe4891.png
i1353.photobucket.com/albums/q663/more4momsbuck/ 2 KB
3 KB 97ms
52ms Image
image/webp 65.9.77.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1353.photobucket.com/albums/q663/more4momsbuck/pinterest1_zpsebfe4891.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 65.9.77.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: photobucket /
Resource Hash: a8905c07778a94159d7b297dbef92db645e1e28671a3014e674a2c543707751f

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 10:16:59 GMT
Via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
Age: 114516
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="pinterest1_zpsebfe4891.webp"
Connection: keep-alive
Content-Length: 2000
X-Request-Id: go0pZbvvR4k8bP0TTZx2F
Server: photobucket
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: AMS1-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: IIYgo6e5TxFmHW2I68lj7oZp1997Z5kOcbEZU72pPJAPIrLla3bpLw==
Expires: Thu, 17 Jun 2021 11:16:59 GMT

GET
H3-29 200 DSC04781.JPG
3.bp.blogspot.com/-UQbh__oPviE/V783LfgvTWI/AAAAAAAAKbI/iJjLHeXwAZUPNH_irenk6VYuKZU3ee7DgCLcB/s320/ 25 KB
25 KB 33ms
18ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UQbh__oPviE/V783LfgvTWI/AAAAAAAAKbI/iJjLHeXwAZUPNH_irenk6VYuKZU3ee7DgCLcB/s320/DSC04781.JPG

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f30e081789daab640b9ebfa210517f382b2d50969402b9db32e0a1642a9bc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="DSC04781.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25618
x-xss-protection: 0
server: fife
etag: "v29b6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:55:04 GMT

GET
H/1.1 404
Not Found moreformomsbuckgiveaway.png
img155.imageshack.us/img155/5598/ 0
0 328ms
308ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img155.imageshack.us/img155/5598/moreformomsbuckgiveaway.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82bd2bae9822848102c101c9622b2795b0598baa218ad1b82c572bd3f4dda720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 18 Jun 2021 18:05:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12397068493466332129
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33373
X-XSS-Protection: 0
Expires: Fri, 18 Jun 2021 18:05:35 GMT

GET
H/1.1 404
Not Found moreformomsbuckaffiliat.png
img651.imageshack.us/img651/7589/ 0
0 325ms
305ms Image
text/html 38.99.77.16
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img651.imageshack.us/img651/7589/moreformomsbuckaffiliat.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.16 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 200
OK button1.jpg
www.momselect.com/images/ 18 KB
18 KB 320ms
183ms Image
image/jpeg 64.111.116.72
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.momselect.com/images/button1.jpg
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 64.111.116.72 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: hipleasures.com
Software: Apache /
Resource Hash: 07f5bade0660e4a3f0e5b5fe4b1bf78e1f949c9e2eeee0f37c946077c3873feb

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
Last-Modified: Wed, 23 Aug 2017 13:40:27 GMT
Server: Apache
ETag: "470e-5576bdad3f840"
Vary: User-Agent
Upgrade: h2
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=100
Content-Length: 18190
Expires: Sun, 18 Jul 2021 18:05:35 GMT

GET
H/1.1 404
Not Found MBSWebButton.jpg
www.myblogspark.com/images/ 0
0 450ms
308ms Image
text/html 209.141.56.224
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.myblogspark.com/images/MBSWebButton.jpg
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 209.141.56.224 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS: b000.b000.banligo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1

403
Forbidden

USFGmemberbadge.png
www.usfamilyguide.com/graphics/
Redirect Chain

http://www.usfamilyguide.com/graphics/USFGmemberbadge.png
https://www.usfamilyguide.com/graphics/USFGmemberbadge.png

0
0

492ms
163ms

Image
text/html

143.198.246.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usfamilyguide.com/graphics/USFGmemberbadge.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.246.108 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Redirect headers

Location: https://www.usfamilyguide.com/graphics/USFGmemberbadge.png
Date: Fri, 18 Jun 2021 18:05:35 GMT
Server: Protected by COMODO WAF
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 266
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found moreformomsbuckattendin.png
img11.imageshack.us/img11/5257/ 0
0 331ms
305ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img11.imageshack.us/img11/5257/moreformomsbuckattendin.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 200
OK type_2.png
www.sverve.com/images/badges/ 40 KB
41 KB 62ms
43ms Image
image/png 2606:4700:3034::ac43:884f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sverve.com/images/badges/type_2.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 2606:4700:3034::ac43:884f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236dbce5f69fd65b3e40b0f2d2831d3c49aee5f0fb8b04f88c964d1cdaf034a6

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1036167
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 40957
cf-request-id: 0ac1e5cc3600004a6e0a09c000000001
Server: cloudflare
Etag: "d8b283c026cbb04f8413caf7ac1bf51d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=seMPXj%2FnPglyECLT2KNBXYGhds0dMnrJWeVxiS9J%2FtXKcSCffnoQsObsV%2BF8iEeLnpnuduXEd3XBULxivqxRivzlef2Y%2FTkeuLpuST5K4E1mGhk8A2nKq8cMyHL9dAHf0OToaVDRiPQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
CF-RAY: 66167259fddb4a6e-FRA

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js
https://ap.lijit.com/www/delivery/fpi.js

5 KB
3 KB

123ms
46ms

Script
text/javascript

216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js
Content-length: 0

GET
H/1.1 404
Not Found moreformomsbuckfollower.png
img841.imageshack.us/img841/6250/ 0
0 336ms
317ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img841.imageshack.us/img841/6250/moreformomsbuckfollower.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H/1.1 404
Not Found moreformomsbucksubscrib.png
img839.imageshack.us/img839/5461/ 0
0 324ms
305ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img839.imageshack.us/img839/5461/moreformomsbucksubscrib.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H3-29 200 arrow_dropdown.gif
resources.blogblog.com/img/widgets/ 141 B
162 B 7ms
6ms Image
image/gif 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/arrow_dropdown.gif

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:40:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 534306
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
expires: Sat, 19 Jun 2021 13:40:29 GMT

GET
H3-29 200 icon_feed12.png
resources.blogblog.com/img/ 500 B
521 B 7ms
7ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon_feed12.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:53 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:54:07 GMT
server: sffe
age: 558102
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500
x-xss-protection: 0
expires: Sat, 19 Jun 2021 07:03:53 GMT

GET
H3-29 200 subscribe-netvibes.png
resources.blogblog.com/img/widgets/ 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/subscribe-netvibes.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:43:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 12:54:26 GMT
server: sffe
age: 526926
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1445
x-xss-protection: 0
expires: Sat, 19 Jun 2021 15:43:29 GMT

GET
H3-29 200 subscribe-yahoo.png
resources.blogblog.com/img/widgets/ 580 B
601 B 8ms
8ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/subscribe-yahoo.png

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:34:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 12:01:22 GMT
server: sffe
age: 570659
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 0
expires: Sat, 19 Jun 2021 03:34:36 GMT

GET
H/1.1 404
Not Found moreformomsbucksavings.png
img340.imageshack.us/img340/5907/ 0
0 333ms
313ms Image
text/html 38.99.77.17
EZRI-36323

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img340.imageshack.us/img340/5907/moreformomsbucksavings.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 38.99.77.17 , United States, ASN36323 (EZRI-36323, US),
Reverse DNS: imagizer-cv.imageshack.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

9ms
6ms

Script
text/javascript

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 20512
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Fri, 02 Jul 2021 12:23:43 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK load.min.js Show response
s3.amazonaws.com/cgc-badge-v2/ 0
360 B 411ms
115ms Script
text/javascript 52.217.166.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cgc-badge-v2/load.min.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.166.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Last-Modified: Fri, 07 May 2021 06:33:05 GMT
Server: AmazonS3
x-amz-request-id: 8JEDM8FQV6Q3QV9J
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: kQs6kJrMusJyzl14eJZbb+3T+xaSLF3GonpPUtcd921A/1G2hA+7qIiSEl0qaOs0sxUe4BQOQW8=

GET
H/1.1 200
OK common.js Show response
s3.amazonaws.com/cgc-badge-v2/ 0
360 B 410ms
114ms Script
text/javascript 52.217.166.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cgc-badge-v2/common.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.166.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Last-Modified: Fri, 07 May 2021 06:33:05 GMT
Server: AmazonS3
x-amz-request-id: 8JE6NS0C4MDD7GX4
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: y0BppFD6e5Tj5y1sw6OH1n/iWfU1L7nbofWfOV4z/PTdMfrH+EnIcEtMiIsX8niuRYzStg0H410=

GET
H/1.1 200
OK 3KeS6d9u263qIgvO2ypTWE4d1cR8ZkRP.js Show response
badge.clevergirlscollective.com/v2/ 0
271 B 393ms
334ms Script
application/javascript 34.209.120.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://badge.clevergirlscollective.com/v2/3KeS6d9u263qIgvO2ypTWE4d1cR8ZkRP.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 34.209.120.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-120-242.us-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
Last-Modified: Sun, 06 Dec 2020 21:55:31 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fcd5353-0"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK cookienotice.js Show response
www.more4momsbuck.com/js/ 6 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.more4momsbuck.com/js/cookienotice.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.more4momsbuck.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: */*
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Cookie: __utma=70565388.1924400077.1624039536.1624039536.1624039536.1; __utmb=70565388; __utmc=70565388; __utmz=70565388.1624039536.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 11:42:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 Jun 2021 23:54:36 GMT
Server: sffe
Age: 22956
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Fri, 25 Jun 2021 11:42:59 GMT

GET
H3-29 200 1289263365-widgets.js Show response
www.blogger.com/static/v1/widgets/ 147 KB
147 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1289263365-widgets.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e185ca0df36101658cfe1ee78417ddec00b4e293295631b0be0d8428737a1421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 02:34:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:55:07 GMT
server: sffe
age: 142243
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150469
x-xss-protection: 0
expires: Fri, 17 Jun 2022 02:34:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-xss-protection: 0
pragma: public
x-fb-debug: HXKDOYzMY2ywHSn1+z7DvG8oWWYAMr9ULApq/YqGBK/lK/dDGtqy6K2rE9pLEQnNVV1mt6v/Mvogv7tQhXD0Sw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK igpkg3.js Show response
px.owneriq.net/stas/s/ 12 KB
12 KB 144ms
38ms Script
text/javascript 104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/stas/s/igpkg3.js
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 25fc81b6d3f3fe8d4dd0544b4ff143abbf5d0552a39cc81f6102781bfa1f000a

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
Content-Type: text/javascript
X-Powered-By: PHP/5.3.3
Content-Length: 12359
Expires: Fri, 18 Jun 2021 18:05:36 GMT

GET
H3-29

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

15ms
13ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4018
date: Fri, 18 Jun 2021 16:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 18:58:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 565ms
564ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3261223850769490648&zx=4cb58a9a-28e5-4325-8b90-b9fad9031f00

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 18:05:36 GMT
server: GSE
date: Fri, 18 Jun 2021 18:05:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK load.js Show response
widget-prime.rafflecopter.com/ 5 KB
3 KB 82ms
82ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/load.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/launch.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc9c0210472da908d21e73701c914e53781c4688a7f4595ef8d0189b0a5070f4

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
Server: AmazonS3
Age: 39
ETag: "b5c8176413f5bc6e3af22f14dfae3607"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Cache-Control: max-age=100, s-maxage=50
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 2161
X-Amz-Cf-Id: Pg-_bLhNcRhlZJvrZqWI-fsInGXiih86lewJP4Qcg_fH9oNoOY7PPw==

GET
H3-29 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 6ms
6ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 02:58:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 572815
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
expires: Sat, 19 Jun 2021 02:58:40 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ 233 KB
86 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8681530136578467&plah=www.more4momsbuck.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88106
x-xss-protection: 0
server: cafe
etag: 14514754445097133811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 18:05:35 GMT

GET
H/1.1 404
Not Found 53441e07e89cc826187cef35 Show response
members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/ Frame 188A 2 KB
2 KB 533ms
187ms Document
text/html 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 08696173d80522eccf1228a3a3675c0a90f9f2f8613445224e27c57f4c106205

Request headers

Host: members.one2onenetwork.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1818
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame EAD7 87 KB
20 KB 63ms
62ms Script
text/javascript 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Sat, 19 Jun 2021 18:05:35 GMT

GET
H3-29 200 s_top.png
resources.blogblog.com/img/widgets/ 335 B
358 B 7ms
7ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/s_top.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:03:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 12:01:22 GMT
server: sffe
age: 565306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Sat, 19 Jun 2021 05:03:49 GMT

GET
H3-29 200 s_bottom.png
resources.blogblog.com/img/widgets/ 172 B
193 B 7ms
6ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/s_bottom.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:45:56 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 537579
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172
x-xss-protection: 0
expires: Sat, 19 Jun 2021 12:45:56 GMT

GET
H3-29

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1924400077&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20revi...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1924400077&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20rev...

35 B
55 B

44ms
44ms

Image
image/gif

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1924400077&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=1098577699&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1924400077.1624039536.1624039536.1624039536.1%3B%2B__utmz%3D70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:59:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18339
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1924400077&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=More%204%20Mom%3A%20giveaway.%20product%20review&utmhn=www.more4momsbuck.com&utmhid=1098577699&utmr=-&utmp=/search/label/giveaway.%20product%20review&utmac=UA-7083403-3&utmcc=__utma%3D70565388.1924400077.1624039536.1624039536.1624039536.1%3B%2B__utmz%3D70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame EAD7 159 B
550 B 47ms
45ms Script
application/x-javascript 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=177233&tid=77b1ca556ca545ae9e8ec125e6c4e29f87df03f2&mode=1&dmn=www.more4momsbuck.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: c4fecb0a227964e61ebedda9f29bc8fcfe5c8f325e9aa31aa5a56c6cee53e111

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
H3-29 200 308519652912505 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/308519652912505?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d5e0deb5d2542202524d338977a8c37498617bbb03419d73c0e144ac920a768

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76101
x-xss-protection: 0
pragma: public
x-fb-debug: wsySd4yShdOH4BYv46+1yDrwNOYPbd8kkjXLsOOiIZ9SsaIdUV8eBpIRv2yo3u7USZ4PMQkyS+TFEwCioyg6MQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 44ms
44ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-53521312-22&cid=1924400077.1624039536&jid=92988860&gjid=805139789&_gid=110257255.1624039536&_u=YSBCgEABCAAAAE~&z=424479334

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 18:05:36 GMT
content-type: text/plain
access-control-allow-origin: http://www.more4momsbuck.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j90&a=1098577699&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%2...
https://www.google-analytics.com/collect?v=1&_v=j90&a=1098577699&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%...

35 B
55 B

6ms
6ms

Image
image/gif

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1098577699&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1924400077.1624039536.1624039536.1624039536.1&_utmz=70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624039536006&_u=YSBCgEABC~&jid=92988860&gjid=805139789&cid=1924400077.1624039536&tid=UA-53521312-22&_gid=110257255.1624039536&z=860430802

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 09:59:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29146
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j90&a=1098577699&t=pageview&_s=1&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&ul=en-us&de=UTF-8&dt=More%204%20Mom%3A%20giveaway.%20product%20review%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=70565388.1924400077.1624039536.1624039536.1624039536.1&_utmz=70565388.1624039536.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1624039536006&_u=YSBCgEABC~&jid=92988860&gjid=805139789&cid=1924400077.1624039536&tid=UA-53521312-22&_gid=110257255.1624039536&z=860430802
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308519652912505&ev=PageView&dl=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&rl=&if=false&ts=1624039536067&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1624039536066.1871342559&it=1624039535991&coo=false&rqm=GET

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 18 Jun 2021 18:05:36 GMT

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 41FC 1 KB
1 KB 37ms
36ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: qRDks6ZlnFHteTEnh95Y4MH_S4ORz2gFgAs-ZkFP0DTkT55C-QfpvQ==
Age: 18500779

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 37A6 1 KB
1 KB 70ms
33ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 9vh6bWW_EpGGOhqe_ytiqXW2vgzsJezDtyupUd056bsmiSsgg1KOJg==
Age: 18500779

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame FBF4 1 KB
1 KB 103ms
35ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: ma_sRh_u2tISyWG5MVwSwZX2PbSu0InDxISVnrBUdsQCcnB8u7vnXQ==
Age: 18500779

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 4924 1 KB
1 KB 101ms
34ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: fapuKbRD2-SQ3meZRLnAWxpE3x9n516YHxYP0GvOfhRqhINlu4M2BA==
Age: 18500779

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame AD73 1 KB
1 KB 101ms
34ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 5cTYy10Kv900R3fyamAhau3J53lQtgKQg1l-0AFMwy7qKEnirU9Zfg==
Age: 18500779

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 5061 1 KB
1 KB 99ms
33ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: nxrgMMqFCGGKof8QQbpCpMM9qTvk7tqzZhUAqWQriILPI1AMsuMBQQ==
Age: 18500779

GET
H/1.1 200
OK main.html Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 1D76 1 KB
1 KB 106ms
39ms Document
text/html 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/load.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a

Request headers

Host: widget-prime.rafflecopter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Content-Type: text/html
Content-Length: 611
Connection: keep-alive
Date: Mon, 16 Nov 2020 14:59:18 GMT
Last-Modified: Sun, 26 Jul 2020 04:37:47 GMT
ETag: "18035c66656d53a208d5462df46a8fd4"
Cache-Control: max-age=31556900, s-maxage=31556900
Content-Encoding: gzip
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: mXhor04imltAHf-I6W4X1O59wggnamMolxnhwQya7wZm24sf6peewg==
Age: 18500779

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
663 B 103ms
36ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.more4momsbuck.com&callback=_gfp_s_&client=ca-pub-8681530136578467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8681530136578467&plah=www.more4momsbuck.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

12ea93de4e8082379da8c34f0f7a1bd702cef806ff6c820109197f4c84a382df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.more4momsbuck.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 46ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.more4momsbuck.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BA4 430 B
409 B 381ms
381ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8681530136578467&output=html&h=125&slotname=8212577050&adk=399848373&adf=2881044700&pi=t.ma~as.8212577050&w=125&lmt=1624019373&url=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&flash=0&host=pub-1556223355139109&wgl=1&dt=1624039535592&bpp=13&bdt=210&idt=503&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=906524652005&frm=20&pv=2&ga_vid=1924400077.1624039536&ga_sid=1624039536&ga_hid=1098577699&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31060047&oid=3&pvsid=4095168329263127&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ikD4ewlsSp&p=http%3A//www.more4momsbuck.com&dtd=518

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6e64c148ee0b05a3a562d4af593911f7b49dab65bfdea947212df7d735e11d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8681530136578467&output=html&h=125&slotname=8212577050&adk=399848373&adf=2881044700&pi=t.ma~as.8212577050&w=125&lmt=1624019373&url=http%3A%2F%2Fwww.more4momsbuck.com%2Fsearch%2Flabel%2Fgiveaway.%2520product%2520review&flash=0&host=pub-1556223355139109&wgl=1&dt=1624039535592&bpp=13&bdt=210&idt=503&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=906524652005&frm=20&pv=2&ga_vid=1924400077.1624039536&ga_sid=1624039536&ga_hid=1098577699&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31060047&oid=3&pvsid=4095168329263127&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ikD4ewlsSp&p=http%3A//www.more4momsbuck.com&dtd=518
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jun 2021 18:05:36 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 18:20:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 18:05:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Fri, 18 Jun 2021 18:05:36 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8681530136578467&c=10&e=2570847921467975139&n=0&t=0&w=2980&x=6

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 6451 54 KB
20 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=3261223850769490648&blogName=More+4+Mom&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.more4momsbuck.com/search&blogLocale=en&v=2&homepageUrl=http://www.more4momsbuck.com/&vt=5094724058223179160&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e4c6a2963d2f1966e65304b327e435965f66c01ad2c22b9da636b770dfe1e55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ejDNuLkTG7Xwy1bZxXZH2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "2f833259b70b8fc0d60c939935311197"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ejDNuLkTG7Xwy1bZxXZH2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Jun 2021 18:05:36 GMT

GET
H3-29 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 6451 907 B
933 B 6ms
6ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:53:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:01:10 GMT
server: sffe
age: 547930
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Sat, 19 Jun 2021 09:53:26 GMT

GET
H3-29 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 6451 117 B
143 B 7ms
7ms Image
image/png 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:53:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 02:54:07 GMT
server: sffe
age: 558750
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sat, 19 Jun 2021 06:53:06 GMT

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame 2710
Redirect Chain

https://px.owneriq.net/eps?pt=igpkg3&pid=8972&uid=Q6773259361404246867J&l=true
https://px.owneriq.net/noop?ct=text%2Fhtml

0
355 B

54ms
29ms

Document
text/html

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/igpkg3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: px.owneriq.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Length: 20
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=text%2Fhtml
Date: Fri, 18 Jun 2021 18:05:36 GMT
Connection: keep-alive

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/
Redirect Chain

https://px.owneriq.net/j/?ref=http://www.more4momsbuck.com/search/label/giveaway.%2520product%2520review&pt=igpkg3&t=f%7C%22More%25204%2520Mom%253A%2520giveaway.%2520product%2520review%22&s=ba2e
https://px.owneriq.net/noop?ct=application%2Fx-javascript

0
370 B

28ms
28ms

Script
application/x-javascript

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 20

Redirect headers

Location: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame EAD7 261 B
858 B 51ms
50ms Script
application/x-javascript 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=177233&tid=a_177233_c14af31e5ad94969827987e3bf128e23&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.more4momsbuck.com&time=18%3A05%3A36&fd=1&be=sf&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&orig_loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&abf=false&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_177233_c14af31e5ad94969827987e3bf128e23
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: da2735e6f5e66f37dfe884ebb2c00397b7a7a697b2c9e64a8aa778489e6bfded

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 212

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 41FC 221 KB
64 KB 87ms
40ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: tg7LgJ_QMuGF3liJZyTDd5a3BEUIUFIqeOKie8dVV371SJaCbcF-tw==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK app.css
members.one2onenetwork.com/css/ Frame 188A 439 KB
62 KB 399ms
157ms Stylesheet
text/css 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f5f5784725bb0f49547b7065c1254be074efd0052187a26e8f4e3d21cf617157

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:23 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6dcc9-5a9f39613ffdd-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK vue-material.css
members.one2onenetwork.com/css/ Frame 188A 102 KB
15 KB 378ms
133ms Stylesheet
text/css 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/css/vue-material.css
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: edf6cc0ca66d29bb3e30ce70c436ae7d7e566f616b90f496ea1c655b73820db9

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Feb 2020 17:07:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1984e-59f4149231f71-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15528

GET
H2 200 icon
fonts.googleapis.com/ Frame 188A 568 B
474 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://members.one2onenetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 18:05:36 GMT
server: ESF
date: Fri, 18 Jun 2021 18:05:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 18:05:36 GMT

GET
H/1.1 200
OK manifest.js Show response
members.one2onenetwork.com/js/ Frame 188A 798 B
791 B 376ms
131ms Script
application/javascript 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/js/manifest.js?id=2d315777967b6001bcf1
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b5dd2c84fda954bb0def276c82c506ca5b6c4f84f063bd82e6b813c12ba90524

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:24 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "31e-5a9f396243c7b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 441

GET
H/1.1 200
OK vendor.js Show response
members.one2onenetwork.com/js/ Frame 188A 982 KB
272 KB 390ms
145ms Script
application/javascript 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/js/vendor.js?id=ecdfa242dd01ed713553
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5b1ce55b0a878b5d76ec7e8bcc49992358fffacc7f9583b606f1c79a7f8c77c2

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:24 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "f5688-5a9f396266f08-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK app.js Show response
members.one2onenetwork.com/js/ Frame 188A 1 MB
298 KB 393ms
149ms Script
application/javascript 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/js/app.js?id=8ebd7580d459ca368be9
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b1fe5938695f5767abd5ccebd0aef9ff5267f6b0994196a1a6a50a5532ba9303

Request headers

Referer: https://members.one2onenetwork.com/blogtracker/52c08355a02da3ea782e5e66/aHR0cDovL3d3dy5tb3JlNG1vbXNidWNrLmNvbQ==/53441e07e89cc826187cef35
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jul 2020 20:02:24 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "118ecd-5a9f3962332d5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 41FC 6 KB
7 KB 74ms
35ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: ivHOw_LCv-XmO8KwL9hnZ8X5fgIV2dg4PnVMRrwP_MtyFaYH7H_vDQ==

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 37A6 221 KB
64 KB 82ms
47ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: KnKIQYOabONLcNVyyvhZvVC-vmEAV9RkXJGcA93cqhJLT8gXRZNHJQ==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 37A6 6 KB
7 KB 47ms
35ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: XDTasyXpPExPqihVMovMFJG7K2IXtEv-fGUhx_sBAaIoE25pd-1UzQ==

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame 6451 120 KB
40 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41292
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 19:29:45 GMT

GET
H/1.1 200
OK Cookie set beacon Show response
gslbeacon.lijit.com/ Frame 44E7 2 KB
2 KB 123ms
44ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 2ece2ae8cfd23406ffa2d6ccf93177ae66db6524169d907ccdd5ad00b877d673

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.more4momsbuck.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=43691e3cb13fef810b7db6f7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

Server: nginx
Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdjTESwEAIAv9ifYXo6Ui%2BlsnfU2O5zAKvoe1BR8Ulso9dKk8q5%2FKnlMsdmsDXw1okObsR4nw%2FzIwhAw%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 18-Jun-2022 18:05:36 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 18-Jun-2022 18:05:36 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=43691e3cb13fef810b7db6f7;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame EAD7 54 KB
6 KB 47ms
45ms Script
application/json 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=177233&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: bea95d1a9b468024b10aeceff049b2adc1c0d8f5db83d5ffb410ff3e34e85bea

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap5ams1.lijit.com/addelivery/ Frame EAD7 43 B
567 B 104ms
34ms Image
image/gif 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap5ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=177233&tid=a_177233_c14af31e5ad94969827987e3bf128e23
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap5ams1.lijit.com/data/ Frame EAD7 43 B
206 B 135ms
30ms Image
image/gif 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap5ams1.lijit.com/data/fp?tid=a_177233_c14af31e5ad94969827987e3bf128e23&zoneid=177233&starttime=1624039535809&adcfg=4&adcfg_response=323&addelivery=326&addelivery_response=381&lgfired=383&beacon=384&container=386&EOL=407&ctstart=0&elapsed_ms=407
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: nginx
X-Sovrn-Pod: ad_ap5ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame FBF4 221 KB
64 KB 42ms
42ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: mGfrXPf9ZBmUuoCZy7p1quwuaP7PVRU-466oSXDtdeiACobFXzVvNw==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 5061 221 KB
64 KB 47ms
47ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: fX_x2aGcTpvkY5oKUb-tq-24GFAXEnVD_JIvqH3nMpmwL3QcHA0c8A==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame AD73 221 KB
64 KB 45ms
45ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 3gkfdHA9rniSRpNWgCOOOdYSw5lWuoiKRaxf1Vj1RogNk1eAsj-xnA==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 4924 221 KB
64 KB 36ms
36ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Jzdvo5h_IAnTk3ZeZrMaAuTe6JepHZss-3RKxsyE-mFB_z9PfnuXRg==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK main.js Show response
widget-prime.rafflecopter.com/classic/19dbbbb/ Frame 1D76 221 KB
64 KB 47ms
37ms Script
application/javascript 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Sun, 03 Jan 2021 02:00:38 GMT
Content-Encoding: gzip
Age: 14400299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 64819
Last-Modified: Sun, 26 Jul 2020 04:37:48 GMT
Server: AmazonS3
ETag: "82b7ee1f423e1887e003cfd95a7c8130"
Content-Type: application/javascript
Via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
Cache-Control: max-age=31556900, s-maxage=31556900
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 81xVgKFAaHIX9sOPsQD3QgNn5IVrKHi2lQVHr5wElTx0IYXBIi1NDg==
Expires: Sun Jul 25 2021 22:37:39 GMT-0600 (MDT)

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame FBF4 6 KB
7 KB 52ms
37ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: q4g7sl_Fdck-nx1YsYxJpBztpK8p2XFdV6ui2fWdvPH9wPUcZwiMyg==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 4924 6 KB
7 KB 89ms
36ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: XE1G-JbDUkhdtULw4YxuowVxi8BPq6PCQV-kgOLnXRcU8deYCHccwg==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame AD73 6 KB
7 KB 88ms
35ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: t_sscKSUi4uezrewNZZymqTHjzbbsynIFsvhktkTnyWWu4YK4nOx3A==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 5061 6 KB
7 KB 95ms
34ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: LUQ17CMci4EVxzIceq1neLRNVIKtB3okD-1_XzNQLWtZZOjjmQgRew==

GET
H/1.1 200
OK load.gif
widget-prime.rafflecopter.com/static/img/ Frame 1D76 6 KB
7 KB 101ms
35ms Image
image/gif 65.9.77.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-prime.rafflecopter.com/static/img/load.gif
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710

Request headers

Referer: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 02:53:38 GMT
Via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Oct 2014 23:54:07 GMT
Server: AmazonS3
Age: 64618
ETag: "072f7b6d88ecdbfb9d53f977905f17ea"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 6256
X-Amz-Cf-Id: QUO3umjxR6qvZN3Ekt65LhNF8X-Syqt_UxoyLc5KfCg7-zXK6fzuyw==

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame EAD7 0
225 B 58ms
38ms Script
text/plain 104.111.233.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxdrop.lijit.com/1/d/t.dhj?dmn=more4momsbuck.com&GDPR_v2=
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Server: 104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-227.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Fri, 18 Jun 2021 18:05:36 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame EAD7
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=43691e3cb13fef810b7db6f7&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=43691e3cb13fef810b7db6f7&gdpr=1&gdpr_consent=

95 B
426 B

25ms
25ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=43691e3cb13fef810b7db6f7&gdpr=1&gdpr_consent=

Requested by

Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:36 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Fri, 18 Jun 2021 18:05:36 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=43691e3cb13fef810b7db6f7&gdpr=1&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame EAD7 0
344 B 382ms
32ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=&pid=51md42u&t=gif
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EAD7
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=

43 B
673 B

43ms
42ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.23.101
content-length: 0
expires: 0

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame EAD7 43 B
206 B 42ms
42ms Image
image/gif 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_177233_c14af31e5ad94969827987e3bf128e23&zoneid=177233&cid=18&geo=FR&all_tags=185%2C203%2C205%2C248%2C429%2C458%2C462%2C465%2C501%2C503%2C515%2C519%2C520%2C523%2C539%2C541%2C543%2C561%2C563%2C565%2C578%2C589%2C590%2C600&tss=72%2C72%2C72%2C74&fired_tags=519%2C520%2C541%2C590&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=75
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: nginx
X-Sovrn-Pod: ad_ap5ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 44E7
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871597495978896625

43 B
1 KB

134ms
37ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871597495978896625
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871597495978896625
Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 44E7
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=BjfEIVU3kHIdMsVyAzSKe1ZhkSQdYcF1BjU2ErAT

43 B
1 KB

436ms
33ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=BjfEIVU3kHIdMsVyAzSKe1ZhkSQdYcF1BjU2ErAT
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=BjfEIVU3kHIdMsVyAzSKe1ZhkSQdYcF1BjU2ErAT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 44E7
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NDM2OTFlM2NiMTNmZWY4MTBiN2RiNmY3&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NDM2OTFlM2NiMTNmZWY4MTBiN2RiNmY3&gdpr=1&google_tc=
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

41ms
41ms

Image
image/gif

216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 44E7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=RA1CtfvsIJbq&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
969 B

40ms
40ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=RA1CtfvsIJbq&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=RA1CtfvsIJbq&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-cjz5s
expires: -1

GET
H2 200 cksync.php
contextual.media.net/ Frame 44E7 45 B
371 B 1125ms
43ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=43691e3cb13fef810b7db6f7&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 18 Jun 2021 18:05:37 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 18 Jun 2021 18:05:37 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 44E7
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
1 KB

40ms
39ms

Image
image/gif

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:39 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:39 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 44E7 0
239 B 3144ms
29ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 44E7
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=43691e3cb13fef810b7db6f7/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=&dnr=1

0
433 B

33ms
33ms

Image
text/plain

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=&dnr=1
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=5001&3pid=4505d7b160c57e38d71875e94b529f7a&gdpr=1&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame 44E7 43 B
430 B 3173ms
37ms Image
image/gif 52.49.238.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://gslbeacon.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:39 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 4F19 4 KB
2 KB 1130ms
42ms Document
text/html 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_177233_c14af31e5ad94969827987e3bf128e23&rand=8136&informer=10262686&type=fpads&loc=http%3A%2F%2Fwww.more4momsbuck.com%2F&v=1.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e7b5747a96e0f0360909304a2b988f76756572dd0b4d66f96402aff97dd7357a

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gslbeacon.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://gslbeacon.lijit.com/

Response headers

date: Fri, 18 Jun 2021 18:05:37 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd; Domain=.gumgum.com; Expires=Sat, 18-Jun-2022 18:05:37 GMT; Path=/; Secure; SameSite=None
etag: W/"01d81f0438b2479d5b121c2df7de51811"
timing-allow-origin: *
content-encoding: gzip

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAs6PugjqmiGr2BCB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 18 Jun 2021 18:05:36 GMT
content-type: text/plain
access-control-allow-origin: http://www.more4momsbuck.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK ProximaNova-Regular.otf
members.one2onenetwork.com/fonts/proxima-nova/ Frame 188A 92 KB
93 KB 122ms
122ms Font
application/font-sfnt 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/fonts/proxima-nova/ProximaNova-Regular.otf
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Request headers

Origin: https://members.one2onenetwork.com
Referer: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:37 GMT
Last-Modified: Sun, 23 Feb 2020 17:07:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "171cc-59f41492a7299"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 94668

GET
H/1.1 200
OK ProximaNova-Light.otf
members.one2onenetwork.com/fonts/proxima-nova/ Frame 188A 92 KB
92 KB 121ms
121ms Font
application/font-sfnt 104.197.67.28
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://members.one2onenetwork.com/fonts/proxima-nova/ProximaNova-Light.otf
Requested by: Host: members.one2onenetwork.com
URL: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.197.67.28 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 28.67.197.104.bc.googleusercontent.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c

Request headers

Origin: https://members.one2onenetwork.com
Referer: https://members.one2onenetwork.com/css/app.css?id=cfd40070785b9760eb48
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:37 GMT
Last-Modified: Sun, 23 Feb 2020 17:07:12 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1706c-59f41492a7299"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 94316

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=1627760812821377677

35 B
237 B

43ms
42ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1627760812821377677
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:37 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.154:80
AN-X-Request-Uuid: 5d3a6c03-b5a9-468a-92a8-4be7839aea8b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1627760812821377677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 4F19 43 B
145 B 3386ms
50ms Image
image/gif 35.158.179.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.179.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 4F19
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd&obuid=ENC(s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://x.bidswitch.net/sync?ssp=outbrain&user_id=s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=s9ueCvshhN5G9NVG9gvNTSl9fHfokeM-p6lBHq8PsDP3XensL4EAURySMHwsSJn0
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=outbrain&bidswitch_param=d74fab18-1dcb-421b-8060-dd551a046949&gdpr=&gdpr_consent=
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=outbrain&bidswitch_param=d74fab18-1dcb-421b-8060-dd551a046949&av_tc=True
https://x.bidswitch.net/sync?dsp_id=352&user_id=dc7eb15f-f86a-4638-8920-824cf1e0e5e1&expires=2&ssp=outbrain&bsw_param=d74fab18-1dcb-421b-8060-dd551a046949
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d74fab18-1dcb-421b-8060-dd551a046949&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d74fab18-1dcb-421b-8060-dd551a046949&rdrctExp=true

0
472 B

96ms
96ms

Image
text/plain

64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d74fab18-1dcb-421b-8060-dd551a046949&rdrctExp=true
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:41 GMT
Cache-Control: no-cache
X-TraceId: 448fe49dc63a3475174879823ea0e96e
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d74fab18-1dcb-421b-8060-dd551a046949&rdrctExp=true
Date: Fri, 18 Jun 2021 18:05:41 GMT
X-TraceId: f65d9ab1b106876851963283bef5f2b1
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=559ccea6-f3be-4ae2-b288-9f16914f3b5e

35 B
237 B

39ms
39ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=559ccea6-f3be-4ae2-b288-9f16914f3b5e
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:40 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 18 Jun 2021 18:05:40 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=559ccea6-f3be-4ae2-b288-9f16914f3b5e
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 4F19 43 B
168 B 3441ms
99ms Image
image/gif 3.228.133.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.133.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 18:05:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-jdXiwqtE2pfQwmVWTEWxg2w1_u5uk40rDOQh~A

35 B
237 B

44ms
43ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-jdXiwqtE2pfQwmVWTEWxg2w1_u5uk40rDOQh~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 18 Jun 2021 18:05:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-jdXiwqtE2pfQwmVWTEWxg2w1_u5uk40rDOQh~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=cada5a24-d05f-11eb-bffa-b9a578538c0d

35 B
237 B

39ms
39ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=cada5a24-d05f-11eb-bffa-b9a578538c0d
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:40 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=cada5a24-d05f-11eb-bffa-b9a578538c0d
Date: Fri, 18 Jun 2021 18:05:40 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: cada5a25-d05f-11eb-bffa-b9a578538c0d

GET
H2 204 services
sync.technoratimedia.com/ Frame 4F19 0
294 B 3360ms
117ms Image
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:40 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 864980714
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 4F19 0
44 B 3355ms
114ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:40 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

39ms
39ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:40 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=404f3055-e002-47f1-9b82-d4ea3a72c7d3

35 B
237 B

43ms
42ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=404f3055-e002-47f1-9b82-d4ea3a72c7d3
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=404f3055-e002-47f1-9b82-d4ea3a72c7d3
date: Fri, 18 Jun 2021 18:05:38 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4974627715
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4974627715
https://sync.1rx.io/usersync/tradedesk/cfc66d0a-e790-4b35-8710-0a1cdbe1f59e
https://sync.targeting.unrulymedia.com/csync/RX-7dd10358-8a85-4786-9c0a-46725bb467c8-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-7dd10358-8a85-4786-9c0a-46725bb467c8-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dd10358-8a85-4786-9c0a-46725bb467c8-003

35 B
237 B

44ms
44ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dd10358-8a85-4786-9c0a-46725bb467c8-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-7dd10358-8a85-4786-9c0a-46725bb467c8-003
date: Fri, 18 Jun 2021 18:05:38 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7dd103588a8547869c0a46725bb467c8003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=4QQzIUtMMrA3&ev=1&pid=558355

35 B
237 B

44ms
43ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=4QQzIUtMMrA3&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=4QQzIUtMMrA3&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-cjz5s
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame 4F19
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=1367007220574715359&gdpr=1&gdpr_consent=

35 B
237 B

37ms
37ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=1367007220574715359&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=1367007220574715359&gdpr=1&gdpr_consent=
date: Fri, 18 Jun 2021 18:05:37 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 4F19 43 B
1 KB 46ms
46ms Image
image/gif 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 18:05:38 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 17FB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=cabf60cc-e074-4b00-86f1-7d34217b2835&gdpr=1&gdpr_consent=

35 B
237 B

40ms
40ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=cabf60cc-e074-4b00-86f1-7d34217b2835&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=cabf60cc-e074-4b00-86f1-7d34217b2835&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 18:05:40 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 18 Jun 2021 18:07:22 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3759 5f8f15b master cdg-pixel-x25
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=cabf60cc-e074-4b00-86f1-7d34217b2835; domain=.mathtag.com; path=/; expires=Sat, 16-Jul-2022 18:05:40 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=cabf60cc-e074-4b00-86f1-7d34217b2835&gdpr=1&gdpr_consent=
Expires: Fri, 18 Jun 2021 18:07:21 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6C54
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg
https://rtb.gumgum.com/usersync?b=atm&i=YMzgdAABrAzwIQBg&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg

35 B
237 B

39ms
39ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YMzgdAABrAzwIQBg&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YMzgdAABrAzwIQBg&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 18:05:40 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YMzgdAABrAzwIQBg&gdpr=1&gdpr_consent=&_test=YMzgdAABrAzwIQBg
accept-ranges: bytes
date: Fri, 18 Jun 2021 18:05:40 GMT
via: 1.1 varnish
x-served-by: cache-fra19138-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1624039541.739305,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame C812
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

38ms
38ms

Document
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Fri, 18 Jun 2021 18:05:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTc4OWNmMi0xYTZkLTQ4MjQtYTVhNS1lYTRkNTU3YjU4YmQ=&gdpr=1&gdpr_consent=&google_tc=
date: Fri, 18 Jun 2021 18:05:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 18:20:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5927 14 KB
5 KB 3147ms
47ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=26386
expires: Sat, 19 Jun 2021 01:25:26 GMT
date: Fri, 18 Jun 2021 18:05:40 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 2B68 0
0 1357ms
110ms Document
text/plain 208.100.17.175
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.175 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip175.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Fri, 18 Jun 2021 18:05:38 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 1872 70 B
265 B 726ms
54ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 18:05:38 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 45D0 0
0 3215ms
51ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Fri, 18 Jun 2021 18:05:40 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8AD2
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YMzgecCo8XgAAIBUMAsAAAAA

35 B
237 B

39ms
38ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YMzgecCo8XgAAIBUMAsAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YMzgecCo8XgAAIBUMAsAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 18:05:45 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Fri, 18 Jun 2021 18:05:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YMzgecCo8XgAAIBUMAsAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 4
X-SO-HostName: m-ad182.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng20.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":54,"gdpr":true,"ipv4":"0.0.0.0","key":"YMzgecCo8XgAAIBUMAsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad182"}
X-SO-Key: YMzgecCo8XgAAIBUMAsAAAAA
X-SO-IP: 82.102.18.114
X-SO-Cluster-ID: 54
X-SO-Upstream-ID: m-ad182

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 44D6
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=2159827871763332415

35 B
237 B

43ms
43ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=2159827871763332415
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=2159827871763332415
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_89789cf2-1a6d-4824-a5a5-ea4d557b58bd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 18:05:37 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 18 Jun 2021 18:05:37 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYGxpamxuamAOAN1_VDAQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 13 Jul 2022 18:05:37 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzQ3MzY2NjIxNBXiM9R11jWvSsmO9_TJCjaX4jU0MzIxMLY0NTY3NTADANKwDMo0AAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 13 Jul 2022 18:05:37 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzQ3MzY2NjIxNBXiM9R11jWvSsmO9_TJCjYHAA-sJBQlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=2159827871763332415
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame F303
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=wdC1THItw2CNoWGEjosu&pi=gumgum&tc=1

35 B
237 B

39ms
39ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=wdC1THItw2CNoWGEjosu&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=wdC1THItw2CNoWGEjosu&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Fri, 18 Jun 2021 18:05:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 18 Jun 2021 18:05:44 GMT Fri, 18 Jun 2021 18:05:44 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=wdC1THItw2CNoWGEjosu&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 41FC 70 KB
70 KB 142ms
39ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340225
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: WD3YyFOfVPE0GHUi-PKToK-kf2hJRWnizPLqwebuxCDJZs4kkAQaqA==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 41FC 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-trip-id: 686109401
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 41FC 1 KB
2 KB 353ms
33ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2128
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: Nf3iDCEk8Gabo2KK9uAvQmCGOEXHPCXyRfB0rsWcBRTr-PXi6FJLUg==

GET
H2

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/ Frame 41FC
Redirect Chain

https://graph.facebook.com/v2.2/934893306639366/picture?type=small
https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scont...

998 B
1 KB

20ms
6ms

Image
image/jpeg

2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scontent-frx5-2.xx&tp=27&oh=865b2c2c059df77a3bb755fc0b0a833d&oe=60D166B8
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Fri, 18 Jun 2021 18:05:38 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 998

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003996631
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: EAMZ8tykbz5LYkVzmAfe1VWbw3BHE/2AgePeBUwGjyYbusgBQHXMxL1yIXJn/iN/Q7MJ279Y3irlLiObVLtd4w==
x-fb-trace-id: Am+9jBLIoUW
date: Fri, 18 Jun 2021 18:05:38 GMT
content-type: image/jpeg
location: https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scontent-frx5-2.xx&tp=27&oh=865b2c2c059df77a3bb755fc0b0a833d&oe=60D166B8
x-fb-request-id: AcAcCTCfXt_YLR6bUAGsv6N
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.3
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 41FC 246 KB
73 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H2 200 convert
www.filepicker.io/api/file/bp9pG6kRNCTlkKY72epE/ Frame 41FC 265 KB
266 KB 75ms
21ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.filepicker.io/api/file/bp9pG6kRNCTlkKY72epE/convert?dl=false&crop=0,0,1498,1498&quality=95&fit=scale&cache=true
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d88f84797ba2f2053b128b17102275fb455ea7ce371245de63daedf2ab5348c9

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 227928
x-cache: HIT, HIT
content-length: 271429
x-served-by: cache-bwi5179-BWI, cache-cdg20721-CDG
last-modified: Wed, 16 Jun 2021 02:46:51 GMT
x-timer: S1624039538.239698,VS0,VE2
etag: "af98db113daf902fb9d97919978711bd"
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
filestack-trace-id: 1623811609-93TLj1SDSe
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ Frame 41FC 944 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee3fbd016af7ca7f3f07ea12f6ed51da7e33d0de9b8dce98c0039f5a8586c365

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 37A6 70 KB
70 KB 99ms
99ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340225
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: pWiZnBAnyC70Opi8GfDdVBdwIXn2nw6UGixusimXiLIYnjaLa3wKJg==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 37A6 1 KB
2 KB 39ms
33ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2128
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: djV4GeWdSgoicsj5wHSY4Ql6z-Kp0kA7itCzQx6sdRdLL2d_9rGWzw==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 37A6 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 37A6 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame FBF4 70 KB
70 KB 34ms
34ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340225
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: F4WK4qB4rsBFQQiZzwhOBP3PDv_vlMUd6YE9xmm5VtfB_qSuLsrZTw==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame FBF4 1 KB
2 KB 33ms
32ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2128
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: lzoplBLHeNE1tCSCzDTie-iRMcn2ywVduJmtFROjCPXhZeXjx4jI-Q==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame FBF4 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame FBF4 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame AD73 70 KB
70 KB 37ms
37ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340226
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: 07N3kGACTMYuzshrbYU9AWaUHkP3THifGiz-_FfQ82LrcKB8Qj04-g==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame AD73 1 KB
2 KB 34ms
33ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2129
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: cYPOOjkhbAHufdeEU3UpsxLrO2LjYKzKlhpNLY5BrGCiTsLgR1FtRQ==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame AD73 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H3-29

200

84628273_176159830277856_972693363922829312_n.jpg
scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/ Frame AD73
Redirect Chain

https://graph.facebook.com/v2.2/697885777/picture?type=small
https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scont...

998 B
1 KB

14ms
6ms

Image
image/jpeg

2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scontent-frx5-2.xx&tp=27&oh=865b2c2c059df77a3bb755fc0b0a833d&oe=60D166B8
Requested by: Host: www.more4momsbuck.com
URL: http://www.more4momsbuck.com/search/label/giveaway.%20product%20review
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-haystack-needlechecksum: 674913611
date: Fri, 18 Jun 2021 18:05:39 GMT
last-modified: Mon, 03 Feb 2020 18:53:54 GMT
content-length: 998
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3168106802
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003996631
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: jJwza2sESnC35BiLBdlBk+nywgtcXOzBX1B6qoi+cfpiS5kldI0LYXdj4QjQFst/I83yMga7UtfDrnw56+HcMA==
x-fb-trace-id: DtGB8hJCfOT
date: Fri, 18 Jun 2021 18:05:39 GMT
content-type: image/jpeg
location: https://scontent-frx5-2.xx.fbcdn.net/v/t1.30497-1/cp0/c15.0.50.50a/p50x50/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=wpKUwooeXHAAX-6CpCx&_nc_ht=scontent-frx5-2.xx&tp=27&oh=865b2c2c059df77a3bb755fc0b0a833d&oe=60D166B8
x-fb-request-id: AUu0leUElIQQ_PTTPVxkLs7
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.3
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame AD73 246 KB
73 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 4924 70 KB
70 KB 33ms
33ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340226
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: YmZl6Bo0yDg2ZOkToGeQZ26xLnjw5P4fvBQFpC4YMrN-e2OCZbuyYg==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 4924 1 KB
2 KB 33ms
32ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2129
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: xGpp_lulwYuIggM7AuVrpTtrN947bNpCSDZUwzhec3oKHXdc6MTF7g==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 4924 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 4924 246 KB
73 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 5061 70 KB
70 KB 33ms
32ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340227
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: vnjv9ZT5BK7QbrwEVgKJU-FFUnvJl5zUKwdlxV8Xeb3RpbP1JDDfmA==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 5061 1 KB
2 KB 33ms
32ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2130
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: mKl6uM5FKAH4fUuBcVPlp68fNn5hVdRmHRGLiv8-z5xuE6TXP2wC1g==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5061 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5061 246 KB
73 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H/1.1 200
OK default.css
customizer-css.rafflecopter.com/-/19dbbbb/classic/ Frame 1D76 70 KB
70 KB 33ms
32ms Stylesheet
text/css 65.9.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customizer-css.rafflecopter.com/-/19dbbbb/classic/default.css
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.5 / Express
Resource Hash: de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 19:35:26 GMT
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection: keep-alive
Server: nginx/1.4.5
Age: 340227
X-Powered-By: Express
ETag: W/"11787-XRaPRdxcPePUrZVLqTmPLH2fk/M"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css; charset=utf8
Cache-Control: max-age=31556900, s-maxage=604800;
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 71559
X-Amz-Cf-Id: Jopiw8n15t4ja2bhbY68j8cR5AXws8TF9fqbcg5R4dLGUbWNCG9bGQ==
Expires: Thu, 01 Dec 2016 20:00:00 GMT

GET
H/1.1 200
OK fb-min.png
d1bg42r4siwejx.cloudfront.net/ Frame 1D76 1 KB
2 KB 36ms
36ms Image
image/png 65.9.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bg42r4siwejx.cloudfront.net/fb-min.png
Requested by: Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 17:30:11 GMT
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jul 2019 14:24:02 GMT
Server: AmazonS3
Age: 2130
ETag: "3aaa41124a1231a77feeb05813fe1226"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 1188
X-Amz-Cf-Id: tG0d2eW8VZJtoB_JWXHbr_zAkgLGxubdGIcsPU1iSDZbYdOmlC-5bQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 1D76 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget-prime.rafflecopter.com
URL: https://widget-prime.rafflecopter.com/classic/19dbbbb/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGitQnZkE0uYbiwHyCoTzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: DcUdu9v5Z4ueAVJHEGEmVmq8wrOlFLKmtmXx3qiOrJka+NV/M8arD/7VNaTIcUn59TEiX12ufVdv1G9FSg3/9A==
x-fb-trip-id: 686109401
x-fb-content-md5: 0a3718ec2ba87bbba41f13bfe737aa05
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f6aab54d6a19ab764738291cc81fd5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Jun 2021 18:17:33 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 1D76 246 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b2f6583abd0840b58bf9222906116e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://widget-prime.rafflecopter.com
Referer: https://widget-prime.rafflecopter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vZk4s2LIpTrq7JD1g/p1Yw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74501
x-fb-rlafr: 0
x-fb-debug: /CfrgOLCNo+ccUE935oiPYSKaS7stxu2ntKinsv+i+S+ncQppR6X0to7Z9V6ttkNeoZ7fegz8BYspDRpxUQY5Q==
x-fb-content-md5: fc11047f7885c4c7625497f84b694be5
x-frame-options: DENY
date: Fri, 18 Jun 2021 18:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "116d6bcef04f974200d3a1222c32ac48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 17:42:49 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5927 0
42 B 107ms
33ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95203158&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:38 GMT
content-length: 0

GET
H2 200 1050234869-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
35 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/1050234869-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1289263365-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:30:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Jun 2021 00:56:26 GMT
server: sffe
age: 542100
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35768
x-xss-protection: 0
expires: Sun, 12 Jun 2022 11:30:45 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 45ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd145564936130c41e4f5b920dc6c4634a9835c7a3ece9d44515b083d2460874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 18:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7967
x-xss-protection: 0

GET
H2 200 2602852074-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 374 KB
374 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2602852074-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1289263365-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77d4a309d15316ebca4b04ba6bfacec9523b22732cfaebf8eb0114b213a335c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 02:35:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:55:07 GMT
server: sffe
age: 142245
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 382732
x-xss-protection: 0
expires: Fri, 17 Jun 2022 02:35:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 18 Jun 2021 18:05:45 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 3C11 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 18 Jun 2021 16:59:56 GMT
expires: Sat, 18 Jun 2022 16:59:56 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 52E6 783 B
778 B 15ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf4dd25b6274c6e76024887f18354c98db144b8abc4a85871527d778dbf50cce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b31N25buBiTt8LcIGtqsMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.more4momsbuck.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer: http://www.more4momsbuck.com/

Response headers

expires: Fri, 18 Jun 2021 18:05:45 GMT
date: Fri, 18 Jun 2021 18:05:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-b31N25buBiTt8LcIGtqsMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C11 14 KB
6 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 14:38:38 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 45ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=4095168329263127&bg=!mZqlmt7NAAZktE7iZLQ7ACkAdvg8WksMkIEbizdzjb2ccSnirkBzX-J8mtqzZ9zz2KD70-h60rOvRAIAAABUUgAAAA1oAQcKAAmb5HwjF7YSy2uZAnOoeiBPPNrUJoY_KUi3GdANKB4WFKNl9KjcTnXXntV5EJSDlXgW7hhjAeXGHUnNrmV1ZKklfrJfEcVGkuqH9SyvIIP86aFnw7FUa1gBcOEXNZaRs_-8LyeZpGBxox8g9Kzyxj4raYMlHv8QB-KQ0fRk3U9-EZfzaFEFTEk1x1jf0PKXdqgITBbLo_2szPFFPABrZOeJv_GGe0Xsc1htNmKeLstR98wHE7hlRyVsuSg2I7lF_NQkNMjLBdVPt2BHt9GEfSYyTwGsK8kbJKfOd6aCXcqsXbIfaHjTpGkIBcvhPjMJWVNuEFgXw3j2xt-7I9Wl0qzuBtWcBGqC0vHn6-QrVlmQn4G9EcKOSpwKjSpKrAQcykUejd7J8fkRUg6OgdTFg1q2IKPDtWURseYih1yGEujReiNQsanZol6fqIkTn1MpBGLWswVJbIMhvtNKv0K1mXXpHbqyxR1ywG2w0NyO4QAxvO8JgRw69PS2yq6zPsEiA7eFLYw8bvremOw3SUesIcGpdTz-3yL8gZOB1zu5AJ0lasDT0GUGdiYqLDRK0xOBt7hQV56YkOTgLWc6h0OhgU2VsXWl0NWmdsJlLCOCdyuZ1aXspvpVAbiMyiPAVUCfOPzFRg0bzZ6p9Y7iScB0gST7Xhs1l7KvRGx8o3gNENLAMre0JA3UXjKTcshqti7Jw9-z7XRXiNCID1n0kqR8UoBcNi0ZhAndPH6RxaYQEdFETxRWpN_cXmD9vbGX6XKFk9V23ZQIOlMNgxUFIyTvXwplCnc187516EC1WVCx4N1mnCJ74vpLtqGEDePJ3QBrSbpcOX17RJCIlFfHyes6_ik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.more4momsbuck.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 18:05:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

367 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ad.360yield.com
ads.avads.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
apis.google.com
b1sync.zemanta.com
badge.clevergirlscollective.com
bcp.crwdcntrl.net
bh.contextweb.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
customizer-css.rafflecopter.com
d1bg42r4siwejx.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
graph.facebook.com
gslbeacon.lijit.com
i1353.photobucket.com
image6.pubmatic.com
img11.imageshack.us
img155.imageshack.us
img340.imageshack.us
img651.imageshack.us
img839.imageshack.us
img841.imageshack.us
is.gd
links.rafflecopter.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
members.one2onenetwork.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.owneriq.net
pxdrop.lijit.com
resources.blogblog.com
rtb.gumgum.com
s3.amazonaws.com
scontent-frx5-2.xx.fbcdn.net
secure.adnxs.com
ssbsync.smartadserver.com
ssc-cms.33across.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
vap5ams1.lijit.com
widget-prime.rafflecopter.com
www.blogger.com
www.facebook.com
www.filepicker.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.momselect.com
www.more4momsbuck.com
www.myblogspark.com
www.sverve.com
www.tomoson.com
www.usfamilyguide.com
x.bidswitch.net
104.111.233.227
104.111.242.53
104.197.67.28
124.146.215.48
142.250.185.226
142.250.186.34
143.198.246.108
151.101.14.49
151.101.2.133
169.197.150.7
18.184.216.10
18.185.208.29
18.195.155.181
185.184.8.65
185.29.135.227
185.64.189.115
185.86.139.94
193.0.160.129
193.122.128.135
198.148.27.140
198.61.128.38
2.18.233.180
2.18.235.93
208.100.17.175
209.141.56.224
213.19.147.44
216.52.2.19
216.52.2.48
2606:4700:20::ac43:5384
2606:4700:3034::ac43:884f
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:803::2002
2a00:1450:4001:803::2009
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2013
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9c
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.228.133.61
34.209.120.242
35.158.179.12
35.205.207.25
35.227.248.159
35.244.159.8
37.252.172.250
38.99.77.16
38.99.77.17
52.205.83.58
52.217.166.8
52.30.140.199
52.49.238.187
54.77.19.59
64.111.116.72
64.202.112.63
65.9.77.114
65.9.77.76
65.9.77.80
65.9.84.43
66.155.71.149
69.164.195.169
69.173.144.165
70.42.32.63
72.251.249.14
76.223.111.131
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07f5bade0660e4a3f0e5b5fe4b1bf78e1f949c9e2eeee0f37c946077c3873feb
08696173d80522eccf1228a3a3675c0a90f9f2f8613445224e27c57f4c106205
0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
10255a28643d2fa90d8f5d718322a760315369349d54b86127babd5f481f1dbb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ea93de4e8082379da8c34f0f7a1bd702cef806ff6c820109197f4c84a382df
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
1ecf4e3f907eba818100c2ccc71baf8dd6c1bd9b0cd1772cb58a86adb946b128
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
22879d796f880eb320552b4033f48b14d044622f0b1132dea8006e4ec4387507
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
236dbce5f69fd65b3e40b0f2d2831d3c49aee5f0fb8b04f88c964d1cdaf034a6
25fc81b6d3f3fe8d4dd0544b4ff143abbf5d0552a39cc81f6102781bfa1f000a
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6
2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e4c6a2963d2f1966e65304b327e435965f66c01ad2c22b9da636b770dfe1e55
2ece2ae8cfd23406ffa2d6ccf93177ae66db6524169d907ccdd5ad00b877d673
2f3386c998068a946010073ca6f2798dd46f78a4a38aa6177f722b27d65ab7f8
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
396e7a57b6d4cfd9f673f410832ac070cd8257282453b835211d2751501666aa
39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
46b9c06535b5a407866aa603d8a39b5f6dd03c9aec9545eb00daf4b20713461a
512f3ebe424f60dc4d784147ace0f1f236585a6e6182700dc0241dffed4008bd
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b1ce55b0a878b5d76ec7e8bcc49992358fffacc7f9583b606f1c79a7f8c77c2
5d5e0deb5d2542202524d338977a8c37498617bbb03419d73c0e144ac920a768
608a08d270843ea76943c0344017b6ec948e45cbb67042190f4db5d4ebd35c2c
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70a268b8c61b80484f66c3f1b846a8cac2b16b3d26d81cb333992275e4657431
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7301da263f1eeb82d977395738fc9c1969d941ae548d5e0a2ea30e2abf9881a1
77d4a309d15316ebca4b04ba6bfacec9523b22732cfaebf8eb0114b213a335c8
7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a
7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8
8155998d8e66d0cd7640a991577f76f858f46630d5e2ae38d65950370eb0db5e
82bd2bae9822848102c101c9622b2795b0598baa218ad1b82c572bd3f4dda720
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860b1287e4802e8e88c02aff16f77ee81c71f6f18d9875c319b73df00f03c93a
89f45c1dc292c651416a90fbd5f3585a3be03f3ef8da8bfc6e840b93b5d441bb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3f7c911d1582b04745a69d60e851f4c10cf086eb9ff6a29e4417e217881518
91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
943d646e594ac17f3685f072a480b07754d72d2fb595e9b7afaf5f8e9c440ed2
9a201d1da0b25de21554b10225d744d0c136817d1d08e79a4be09419154c06fd
9f30e081789daab640b9ebfa210517f382b2d50969402b9db32e0a1642a9bc7e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c
a8905c07778a94159d7b297dbef92db645e1e28671a3014e674a2c543707751f
afa601bcdf704efd760c42eeea130d17b59f5794961b7da4b713f189b9584c01
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
b01bd450c0e2a1f95217c2b29b20fbcb92b46384f2019fe230c3c2325d52a530
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe5938695f5767abd5ccebd0aef9ff5267f6b0994196a1a6a50a5532ba9303
b5dd2c84fda954bb0def276c82c506ca5b6c4f84f063bd82e6b813c12ba90524
b860e937b76fda2dd6bd18f7772588562f1b6cf93b8ebb59605f0bb974be3946
b9ea211ae5e16230bd91d1e79c2267c4af0644ce40bdb4e6ddd7036baf21fad0
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
bea95d1a9b468024b10aeceff049b2adc1c0d8f5db83d5ffb410ff3e34e85bea
bf4dd25b6274c6e76024887f18354c98db144b8abc4a85871527d778dbf50cce
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649
c4fecb0a227964e61ebedda9f29bc8fcfe5c8f325e9aa31aa5a56c6cee53e111
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
d0f13a22131fd2ed2bf9740816774446888e3f3f3aadaa1a46ebdc4ff5c0c199
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d88f84797ba2f2053b128b17102275fb455ea7ce371245de63daedf2ab5348c9
da2735e6f5e66f37dfe884ebb2c00397b7a7a697b2c9e64a8aa778489e6bfded
dc9c0210472da908d21e73701c914e53781c4688a7f4595ef8d0189b0a5070f4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd145564936130c41e4f5b920dc6c4634a9835c7a3ece9d44515b083d2460874
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
de7df090fe846efc9852efb4e082d4e3abdadb76c3ffc05de009776f0485aaca
e0d3221b12c4cbd929794b59cf228a9fdd32815da4ef080af458cfc2cec87ead
e185ca0df36101658cfe1ee78417ddec00b4e293295631b0be0d8428737a1421
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e7b5747a96e0f0360909304a2b988f76756572dd0b4d66f96402aff97dd7357a
eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
edf6cc0ca66d29bb3e30ce70c436ae7d7e566f616b90f496ea1c655b73820db9
ee3fbd016af7ca7f3f07ea12f6ed51da7e33d0de9b8dce98c0039f5a8586c365
f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e
f5f5784725bb0f49547b7065c1254be074efd0052187a26e8f4e3d21cf617157
f63b64f6e667b334b1656d61ac15b4c9f1a2d559660dd8c7ed90933916e10351
f6e64c148ee0b05a3a562d4af593911f7b49dab65bfdea947212df7d735e11d4
f9c56bf40c7dc06f00f7a70e6466cb0768900ff116d108f96a8c0ea6730215b0

www.more4momsbuck.com Open in urlscan Pro 2a00:1450:4001:811::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

81 %HTTPS

33 %IPv6

66 Domains

87 Subdomains

60 IPs

8 Countries

5565 kBTransfer

11054 kBSize

0 Cookies

81 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.more4momsbuck.com Open in urlscan Pro
2a00:1450:4001:811::2013 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

81 %
HTTPS

33 %
IPv6

66
Domains

87
Subdomains

60
IPs

8
Countries

5565 kB
Transfer

11054 kB
Size

0
Cookies

199 HTTP transactions
1 data transactions