moneypages.upickem.net Open in urlscan Pro
52.54.217.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.moneypagesticketgiveaway.com/
Effective URL:
https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Submission: On September 18 via automatic, source certstream-suspicious (September 18th 2024, 2:42:57 am UTC) — Scanned from IT

Summary HTTP 58 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 16 domains to perform 58 HTTP transactions. The main IP is 52.54.217.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is moneypages.upickem.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 2nd 2024. Valid for: a year.

This is the only time moneypages.upickem.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
20	52.54.217.201 52.54.217.201	14618 (AMAZON-AES) (AMAZON-AES)
5	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
10	170.249.208.194 170.249.208.194	63410 (PRIVATESY...) (PRIVATESYSTEMS)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
1	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1 1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.126.212 2.19.126.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
3	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
58	17

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.moneypagesticketgiveaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.54.217.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-217-201.compute-1.amazonaws.com

moneypages.upickem.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 170.249.208.194 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.3ddigital.com

www.moneypages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-212.deploy.static.akamaitechnologies.com

vod-progressive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	upickem.net moneypages.upickem.net	74 KB
10	moneypages.com www.moneypages.com	158 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33 ssl.google-analytics.com — Cisco Umbrella Rank: 905	38 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	163 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1491	28 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 td.doubleclick.net — Cisco Umbrella Rank: 189	259 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	168 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 808	82 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 140
1	akamaized.net vod-progressive.akamaized.net — Cisco Umbrella Rank: 55821
1	vimeo.com 1 redirects player.vimeo.com — Cisco Umbrella Rank: 2075	2 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4944 i.simpli.fi Failed	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	moneypagesticketgiveaway.com 1 redirects www.moneypagesticketgiveaway.com	362 B
58	16

	Domain	Requested by
20	moneypages.upickem.net	moneypages.upickem.net
10	www.moneypages.com	moneypages.upickem.net www.moneypages.com
5	connect.facebook.net	moneypages.upickem.net connect.facebook.net
3	ssl.google-analytics.com	moneypages.upickem.net
2	platform.twitter.com	moneypages.upickem.net platform.twitter.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	moneypages.upickem.net
2	www.googletagmanager.com	moneypages.upickem.net www.googletagmanager.com
1	code.jquery.com	moneypages.upickem.net
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	vod-progressive.akamaized.net	moneypages.upickem.net
1	player.vimeo.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	tag.simpli.fi	moneypages.upickem.net
1	fonts.googleapis.com	moneypages.upickem.net
1	www.moneypagesticketgiveaway.com	1 redirects
0	i.simpli.fi Failed	tag.simpli.fi
58	19

This site contains links to these domains. Also see Links.

Domain
www.moneypages.com
www.facebook.com
www.instagram.com
www.youtube.com
www.moneypagesfranchising.com
calltracking.moneypages.com
www.3ddigital.com

Subject Issuer	Validity	Valid
*.upickem.net Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-07-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-28` - `2024-09-26`	3 months	crt.sh
mail.moneypages.com R10	`2024-08-30` - `2024-11-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-08` - `2025-07-07`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Frame ID: 0EE2E97AB59710C4BF6975B7DD0446B3
Requests: 31 HTTP requests in this frame

Frame: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
Frame ID: 2B3D9922B86DA47C11DF2BEB18321F08
Requests: 25 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-NHNJXGHLCP&gacid=1998196775.1726627364&gtm=45je4990v9118814741za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422&z=2036042549
Frame ID: 7BA68AC324FE3BA6EB48435C3D50D502
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmoneypages.upickem.net
Frame ID: B6DA50A985C5CA4C5A38B0C0137DD928
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Money Pages | Business Marketing and Advertising in Jacksonville, FL

Page URL History Show full URLs

https://www.moneypagesticketgiveaway.com/ HTTP 301
http://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268 HTTP 307
https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

91 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

17
IPs

5
Countries

749 kB
Transfer

6215 kB
Size

19
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.moneypages.com/
Title: Money Pages

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/magazine/
Title: Magazine

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/direct-mail/
Title: Direct Mail

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/digital/
Title: Digital

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/branding/
Title: Branding

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/amelia-island-florida/
Title: Amelia Island, FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/daytona-beach-florida/
Title: Daytona Beach, FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/jacksonville-florida/
Title: Jacksonville, FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/ormond-beach-florida/
Title: Ormond Beach. FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/palm-coast-florida/
Title: Palm Coast, FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/port-orange-florida/
Title: Port Orange, FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/st-augustine-florida/
Title: St. Augustine, FL

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/cumming-georgia/
Title: Cumming, GA

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/kennesaw-georgia/
Title: Kennesaw, GA

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/kingsland-georgia/
Title: Kingsland, GA

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/chattanooga-tennessee/
Title: Chattanooga, TN

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/greenwood-south-carolina/
Title: Greenwood, SC

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/contests
Title: Contests

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/latest-issues
Title: Latest Issues

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MoneyPages/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/moneypages/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCoTbeVU9e6T9kSN66eRkY1Q
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/contests/
Title: Contests

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/locations/
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/latest-issues/
Title: Latest Issues

Search URL Search Domain Scan URL

URL: https://www.moneypagesfranchising.com/
Title: Franchise

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/foundation/
Title: Money Pages Foundation

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://calltracking.moneypages.com/
Title: Clients

Search URL Search Domain Scan URL

URL: https://www.moneypages.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.3ddigital.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.moneypagesticketgiveaway.com/ HTTP 301
http://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268 HTTP 307
https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://player.vimeo.com/external/327792042.sd.mp4?s=5b366a04f31496b9447e75ec3171e277725559a1&profile_id=165 HTTP 302
https://vod-progressive.akamaized.net/exp=1726641763~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F558%2F13%2F327792042%2F1284175760.mp4~hmac=6cde167f5d7d43d8dc86df9eacc310574c5b5a248214eea7342f1772b4884bd0/vimeo-prod-skyfire-std-us/01/558/13/327792042/1284175760.mp4

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request YourSubmission.aspx Show response
moneypages.upickem.net/engine/
Redirect Chain

https://www.moneypagesticketgiveaway.com/
http://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

22 KB
6 KB

756ms
227ms

Document
text/html

52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e0578d46efb821f85543742e4dba176e21acc6a3e6ea7b4f8a9189f433204d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 5478
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Sep 2024 02:42:41 GMT
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: nosniff
X-PP: 2
X-Powered-By: ASP.NET

Redirect headers

Location: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 564ms
69ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Sep 2024 02:42:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=16, mss=1288, tbw=2919, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: ixnMgiLGbR8ULNyjucyJj2o1RBBqhdnlwHK2aXuzFy05Nz2VmBKKGNpMpiLlKaXjzSEF8U+wa4H0di23BrAWzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 style.css
www.moneypages.com/wp-content/themes/moneypages/ 67 KB
11 KB 974ms
314ms Stylesheet
text/css 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneypages.com/wp-content/themes/moneypages/style.css
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: d9f34ed572a410bbdc4f01c7b725641a703e570598bc4c5cab8d66d768229384

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:41 GMT
content-encoding: br
last-modified: Tue, 03 Jan 2023 15:57:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11387
expires: Thu, 18 Sep 2025 08:42:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 564ms
59ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,500,500i,600

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

d11df95c598a107a9d5d2f09fe031f0f9276fe02d5096c3b7a463255055ae312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Sep 2024 02:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Sep 2024 02:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Sep 2024 02:42:42 GMT

GET
H2 200 jquery.js Show response
www.moneypages.com/wp-includes/js/jquery/ 279 KB
80 KB 974ms
315ms Script
text/javascript 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneypages.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: 1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:41 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 21:27:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 81316
expires: Thu, 18 Sep 2025 08:42:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.moneypages.com/wp-includes/js/jquery/ 13 KB
5 KB 150ms
149ms Script
text/javascript 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneypages.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:42 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 19:58:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4678
expires: Thu, 18 Sep 2025 08:42:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
0 2ms
2ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Sep 2024 02:42:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=16, mss=1288, tbw=2919, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: ixnMgiLGbR8ULNyjucyJj2o1RBBqhdnlwHK2aXuzFy05Nz2VmBKKGNpMpiLlKaXjzSEF8U+wa4H0di23BrAWzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 535ms
66ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138531173-8

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e4ee50a1a649b276e05a8c0df03ccf4c8cd50c45796cc48365a340351a46bfa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77520
x-xss-protection: 0
last-modified: Wed, 18 Sep 2024 00:33:50 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Sep 2024 02:42:43 GMT

GET
H2 200 06ea09c0-6b71-0137-5f72-067f653fa718 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 253ms
96ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/06ea09c0-6b71-0137-5f72-067f653fa718
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: ab72da807e2b1d361561e1ef16f589dc5a22e51c399b77329398b47b76f5c492

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Sep 2024 02:42:43 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F_Y2cGkJeuzFyQyqIQgB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mp_hero_poster.jpg
www.moneypages.com/wp-content/uploads/2019/05/ 34 KB
34 KB 151ms
150ms Image
image/jpeg 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneypages.com/wp-content/uploads/2019/05/mp_hero_poster.jpg
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: 371e0dc43e22f2dd7663d9e5306b39a2daa421a58fd01ada8cf214043f6b93b6

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:42 GMT
last-modified: Thu, 23 May 2019 12:58:47 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 34383
expires: Thu, 18 Sep 2025 08:42:42 GMT

GET
H2 200 MPwhitelogo.svg
www.moneypages.com/wp-content/themes/moneypages/assets/ 6 KB
2 KB 155ms
153ms Image
image/svg+xml 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneypages.com/wp-content/themes/moneypages/assets/MPwhitelogo.svg
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: f46d6c65007f189ce710b323acb6e7e8d9ccbea7914bb0ad01f9eec6e1ad52e1

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:42 GMT
content-encoding: br
last-modified: Fri, 04 Oct 2019 10:06:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2425
expires: Thu, 18 Sep 2025 08:42:42 GMT

GET
H/1.1 200
OK iFrameResizer.js Show response
moneypages.upickem.net/engine/includes/ 3 KB
1 KB 144ms
144ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/engine/includes/iFrameResizer.js

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

be37ff7531d4a53c7471160b54ae1bcae7f68168ee58eba3aba9c25b8cc66300

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 17:42:24 GMT
Server: Microsoft-IIS/8.5
ETag: "61753c71cf0d61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 2
Content-Length: 832

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 539ms
44ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,500,500i,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moneypages.upickem.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 17 Sep 2024 12:39:56 GMT
x-content-type-options: nosniff
age: 50567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Sep 2025 12:39:56 GMT

GET
H2 200 nav-btn-sprites.png
www.moneypages.com/wp-content/uploads/2019/03/ 1 KB
1 KB 151ms
151ms Image
image/png 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneypages.com/wp-content/uploads/2019/03/nav-btn-sprites.png
Requested by: Host: www.moneypages.com
URL: https://www.moneypages.com/wp-content/themes/moneypages/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: c333e4ac9602272f89b4f9ae34efa31f3d7f4928b1e052a2a619c811a7c4c7a8

Request headers

Referer: https://www.moneypages.com/wp-content/themes/moneypages/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:42 GMT
last-modified: Wed, 21 Aug 2024 19:06:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1167
expires: Thu, 18 Sep 2025 08:42:42 GMT

GET
H2

206

1284175760.mp4
vod-progressive.akamaized.net/exp=1726641763~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F558%2F13%2F327792042%2F1284175760.mp4~hmac=6cde167f5d7d43d8dc86df9eacc310574c5b5a248214eea7342f1772b4884bd0/vime...
Redirect Chain

https://player.vimeo.com/external/327792042.sd.mp4?s=5b366a04f31496b9447e75ec3171e277725559a1&profile_id=165
https://vod-progressive.akamaized.net/exp=1726641763~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F558%2F13%2F327792042%2F1284175760.mp4~hmac=6cde167f5d7d43d8dc86df9eacc310574c5b5a248214eea7342f1772b4884...

4 MB
0

585ms
74ms

Media
video/mp4

2.19.126.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vod-progressive.akamaized.net/exp=1726641763~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F558%2F13%2F327792042%2F1284175760.mp4~hmac=6cde167f5d7d43d8dc86df9eacc310574c5b5a248214eea7342f1772b4884bd0/vimeo-prod-skyfire-std-us/01/558/13/327792042/1284175760.mp4
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Server: 2.19.126.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-212.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:44 GMT
x-vim-cachebc: EP:H11,E:m,TD0:h
akamai-grn: 0.947d1302.1726627364.37cdc0ea
x-guploader-uploadid: AAANsUmXXqxQpga6kCOGBnYSNzk4n3axrvJxrSA2xETHqphi_-2p5IdbOkQxmiLc3RHhHVrvWtbRg60iHqSzuYcov1s
x-goog-storage-class: NEARLINE
Content-Range: bytes 0-4876444/4876445
akamai-mon-iucid-del: 875210
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4876445
last-modified: Fri, 03 Jan 2020 23:39:28 GMT
server: UploadServer
etag: "b52ba13a1d19c1df25e893cb157a9112"
x-goog-hash: crc32c=9db6AQ==, md5=tSuhOh0Zwd8l6JPLFXqREg==
aka-c-hit: cache-hit
content-type: video/mp4
cache-control: private, max-age=31478726
accept-ranges: bytes
akamai-request-bc: [a=2.19.125.148,b=936231146,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
timing-allow-origin: *
expires: Wed, 17 Sep 2025 10:48:10 GMT

Redirect headers

x-cache-hits: 0
Date: Wed, 18 Sep 2024 02:42:43 GMT
content-security-policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
CF-Cache-Status: DYNAMIC
x-cache: MISS
x-host: player-backend-75f54679f9-f2qbd
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-mxp6975-MXP
x-player-backend: g
Server: cloudflare
x-timer: S1726627364.653123,VS0,VE279
access-control-allow-origin: *
location: https://vod-progressive.akamaized.net/exp=1726641763~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F558%2F13%2F327792042%2F1284175760.mp4~hmac=6cde167f5d7d43d8dc86df9eacc310574c5b5a248214eea7342f1772b4884bd0/vimeo-prod-skyfire-std-us/01/558/13/327792042/1284175760.mp4
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-backend-75f54679f9-f2qbd
accept-ranges: bytes
CF-RAY: 8c4dfbfece26523e-MXP
expires: Fri, 15 Dec 1985 19:30:00 GMT

GET
H2 200 686622678145069 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 110ms
109ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/686622678145069?v=2.9.167&r=stable&domain=moneypages.upickem.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

8b488badc1c5e0b6f915f3ccb1cc1ab16f4b27de1d8a8eac6ed0c7c61b8ef80d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 18 Sep 2024 02:42:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=33, mss=1288, tbw=64568, tp=-1, tpl=-1, uplat=68, ullat=0
pragma: public
x-fb-debug: kzv8Rn8tHX900DZykABRtwdcwWv2/aDEW2uF3rORSMgFaAy/PQ9gXUw1gA00RV+x2dpPEwZFP8eI6RlNjCd8NA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK YourSubmission.aspx Show response
moneypages.upickem.net/engine/ Frame 2B3D 44 KB
11 KB 154ms
154ms Document
text/html 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8c6e710f49a7cf063fa136223250852beade749f154835e5ab3aed5c69abcf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 10604
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Sep 2024 02:42:43 GMT
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: nosniff
X-PP: 2
X-Powered-By: ASP.NET

GET scripts.js
www.moneypages.com/wp-content/plugins/contact-form-7/includes/js/ 0
0

GET
H2 200 social-sprits.png
www.moneypages.com/wp-content/uploads/2019/03/ 3 KB
3 KB 156ms
155ms Image
image/png 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneypages.com/wp-content/uploads/2019/03/social-sprits.png
Requested by: Host: www.moneypages.com
URL: https://www.moneypages.com/wp-content/themes/moneypages/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: 651e428eb2c9573148010bda728c8d467ec1dee32d83d8523292e1ae2ef974bf

Request headers

Referer: https://www.moneypages.com/wp-content/themes/moneypages/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:42 GMT
last-modified: Wed, 21 Aug 2024 19:07:04 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3409
expires: Thu, 18 Sep 2025 08:42:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 653ms
224ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=686622678145069&ev=PageView&dl=https%3A%2F%2Fmoneypages.upickem.net%2Fengine%2FYourSubmission.aspx%3Fcontestid%3D549268&rl=&if=false&ts=1726627363585&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726627363584.38589907246726794&ler=empty&cdl=API_unavailable&it=1726627363415&coo=false&rqm=GET

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1288, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Sep 2024 02:42:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 656ms
227ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=686622678145069&ev=PageView&dl=https%3A%2F%2Fmoneypages.upickem.net%2Fengine%2FYourSubmission.aspx%3Fcontestid%3D549268&rl=&if=false&ts=1726627363585&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726627363584.38589907246726794&ler=empty&cdl=API_unavailable&it=1726627363415&coo=false&rqm=FGET

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 18 Sep 2024 02:42:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415808062083669975", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1288, tbw=3090, tp=-1, tpl=-1, uplat=168, ullat=0
pragma: no-cache
x-fb-debug: ePnu6+f1NHnCgfER/sY5N6L5ZSaMmCrGSqAqjO0V/uqJuV8gW0B6F6be9ABPL8Bk/7TNr7s6b9mhob2j3WvG4g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415808062083669975"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK SkinBase.css
moneypages.upickem.net/shared/assets/legacy/shared/includes/ Frame 2B3D 62 KB
10 KB 169ms
167ms Stylesheet
text/css 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/shared/includes/SkinBase.css?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2d7530f88e80d07a49173936b9bc2f6213ebadc383d24df265429e4876fb6479

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Oct 2020 15:05:14 GMT
Server: Microsoft-IIS/8.5
ETag: "c0b40964a3d61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 2
Content-Length: 9414

GET
H/1.1 200
OK SkinBaseDeals.css
moneypages.upickem.net/shared/assets/legacy/shared/includes/ Frame 2B3D 23 KB
4 KB 538ms
348ms Stylesheet
text/css 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/shared/includes/SkinBaseDeals.css?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3be1a78cd3544c8163b8519c3d87f1efa82a2faae0633e83dce140c976086fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:53 GMT
Server: Microsoft-IIS/8.5
ETag: "58ce9b89ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 2
Content-Length: 3786

GET
H/1.1 200
OK SkinLight.css
moneypages.upickem.net/shared/assets/legacy/shared/includes/ Frame 2B3D 14 KB
2 KB 542ms
263ms Stylesheet
text/css 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/shared/includes/SkinLight.css?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1b11a9fa3c3a93b4e96475eef074e51837ff999809efca6fda4d2e866662267c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:53 GMT
Server: Microsoft-IIS/8.5
ETag: "1293a089ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 1702

GET
H/1.1 200
OK SkinLightDeals.css
moneypages.upickem.net/shared/assets/legacy/shared/includes/ Frame 2B3D 2 KB
1007 B 541ms
247ms Stylesheet
text/css 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/shared/includes/SkinLightDeals.css?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e4ba427365693f8f87635cb3b77790e125a9e0ecd0218fa65cc25e57a2451cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:53 GMT
Server: Microsoft-IIS/8.5
ETag: "1293a089ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 624

GET
H/1.1 200
OK modifications.js Show response
moneypages.upickem.net/aux/ux/prototypes/2013/oldplatform_sweepstakes/ Frame 2B3D 18 KB
4 KB 541ms
244ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/aux/ux/prototypes/2013/oldplatform_sweepstakes/modifications.js

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f7f79ada190fb54eb8604722198ccc6cc78d2d50e213a0e410d9d5e1aa5eab3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Sep 2014 21:43:26 GMT
Server: Microsoft-IIS/8.5
ETag: "013de6a9cecf1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 3946

GET
H2 200 custom.js Show response
www.moneypages.com/wp-content/themes/moneypages/ 70 KB
21 KB 163ms
163ms Script
text/javascript 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneypages.com/wp-content/themes/moneypages/custom.js
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: 2938ac60df5a0d63221b22018e0d52048d868eb0d496a0bfe92d2b5c66211fbe

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:43 GMT
content-encoding: br
last-modified: Tue, 05 Dec 2023 14:24:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20960
expires: Thu, 18 Sep 2025 08:42:43 GMT

GET
H2 200 wp-embed.min.js Show response
www.moneypages.com/wp-includes/js/ 1 KB
695 B 161ms
161ms Script
text/javascript 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneypages.com/wp-includes/js/wp-embed.min.js?ver=5.2.1
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: 51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:43 GMT
content-encoding: br
last-modified: Wed, 15 Nov 2023 21:27:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 616
expires: Thu, 18 Sep 2025 08:42:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
92 KB 252ms
251ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NHNJXGHLCP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138531173-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9d467ef435d37167ac947ea02931110fe6be002a0dc4c043ed8bd24c0c1aa2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93814
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Sep 2024 02:42:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 488ms
31ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138531173-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Sep 2024 01:26:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4587
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 18 Sep 2024 03:26:17 GMT

GET
H/1.1 200
OK modifications.css
moneypages.upickem.net/aux/ux/prototypes/2013/oldplatform_sweepstakes/ Frame 2B3D 12 KB
3 KB 139ms
138ms Stylesheet
text/css 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/aux/ux/prototypes/2013/oldplatform_sweepstakes/modifications.css

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

9b9168eb6be6ec34dfd18828b0a54f2fb96ae39978b2581cb7198931f17cd0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Sep 2014 21:49:37 GMT
Server: Microsoft-IIS/8.5
ETag: "802e048acecf1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 3161

POST
H2 204 collect
analytics.google.com/g/ 0
0 1752ms
53ms Fetch
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NHNJXGHLCP&gtm=45je4990v9118814741za200&_p=1726627363349&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422&cid=1998196775.1726627364&ecid=116197747&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAI&_s=1&sid=1726627364&sct=1&seg=0&dl=https%3A%2F%2Fmoneypages.upickem.net%2Fengine%2FYourSubmission.aspx%3Fcontestid%3D549268&dt=Money%20Pages%20%7C%20Business%20Marketing%20and%20Advertising%20in%20Jacksonville%2C%20FL&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3526
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHNJXGHLCP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Sep 2024 02:42:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moneypages.upickem.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 1786ms
80ms Ping
text/plain 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NHNJXGHLCP&cid=1998196775.1726627364&gtm=45je4990v9118814741za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHNJXGHLCP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Sep 2024 02:42:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moneypages.upickem.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7BA6 0
0 1737ms
45ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-NHNJXGHLCP&gacid=1998196775.1726627364&gtm=45je4990v9118814741za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422&z=2036042549

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHNJXGHLCP&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneypages.upickem.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 02:42:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK IFrameHelper.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliatesweb/engine/includes/ Frame 2B3D 623 B
724 B 125ms
124ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliatesweb/engine/includes/IFrameHelper.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1b4fef52433c82a09a1b440a367f9ead89179d43ea185aaf1cc7b67c1d3f361e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:49 GMT
Server: Microsoft-IIS/8.5
ETag: "12d35a87ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 325

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 40ms
38ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1311723302&t=pageview&_s=1&dl=https%3A%2F%2Fmoneypages.upickem.net%2Fengine%2FYourSubmission.aspx%3Fcontestid%3D549268&ul=it-it&de=UTF-8&dt=Money%20Pages%20%7C%20Business%20Marketing%20and%20Advertising%20in%20Jacksonville%2C%20FL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1839610126&gjid=1105458372&cid=1998196775.1726627364&tid=UA-138531173-8&_gid=715317966.1726627365&_r=1&gtm=457e4990za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1791513727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Sep 2024 02:42:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moneypages.upickem.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 2B3D 45 KB
17 KB 1864ms
49ms Script
text/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Sep 2024 02:26:50 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 18 Sep 2024 04:26:50 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ Frame 2B3D 35 B
122 B 68ms
67ms Image
image/gif 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1139351779&utmhn=moneypages.upickem.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=996x150&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmhid=1944899302&utmr=0&utmp=%2Fengine%2FYourSubmission.aspx%3Fcontestid%3D549268%26iframe%3D1&utmht=1726627366423&utmac=UA-5483035-1&utmcc=__utma%3D90609286.1998196775.1726627364.1726627366.1726627366.1%3B%2B__utmz%3D90609286.1726627366.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1106020066&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Sep 2024 02:42:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ Frame 2B3D 35 B
194 B 59ms
58ms Image
image/gif 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=89318415&utmhn=moneypages.upickem.net&utmt=var&utmht=1726627366426&utmac=UA-5483035-1&utmcc=__utma%3D90609286.1998196775.1726627364.1726627366.1726627366.1%3B%2B__utmz%3D90609286.1726627366.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B%2B__utmv%3D90609286.MONY-549268%3B&utmjid=&utmu=DAAQAAAAAAAAAAAAAAABAAAE~

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2024 18:01:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31304
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 2B3D 91 KB
28 KB 504ms
39ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE5) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:46 GMT
Content-Encoding: gzip
Age: 1234
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (mil/6CE5)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2B3D 3 KB
2 KB 35ms
34ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

ab396fe52f5e11a6eebc62178661d7bb63e3e64ab9f9008291d7250c7ec498d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Sep 2024 02:42:47 GMT
content-md5: InAfpNgHWbeW4soxJuS8cA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=33, mss=1288, tbw=78004, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: vYqwK8TWeteZuHtS1xa38yerwJyZu47HIuKAO2FF0iip2sIsfIpAZcGAh45EnMbNthnsD3r2mSiu0vLEpCopeg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 29a5d5a83ba31502ba52ecc44d057ea7
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d5e0d943becf6ca79a9ce8ca0a684bee"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 18 Sep 2024 02:57:43 GMT

GET
H/1.1 200
OK Facebook.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliatesweb/engine/includes/ Frame 2B3D 7 KB
3 KB 125ms
125ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliatesweb/engine/includes/Facebook.js?v=2

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

be83201ea7235acafe44007b70abebdc9d91c6913840c7d9056d5251270449c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:49 GMT
Server: Microsoft-IIS/8.5
ETag: "feab5387ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 2527

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2B3D 300 KB
88 KB 531ms
36ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=aa815d7442231a2458fd43cf86f6b751

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d1a91d35e52cc2366145d5e29a4c7bc7b25f976dd1b76cd3a1bd085315e7fd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://moneypages.upickem.net/
Origin: https://moneypages.upickem.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Sep 2024 02:42:47 GMT
content-md5: ypX0VTysNbvfWwnfnn9WGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87758
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=13, mss=1288, tbw=2897, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: jUGpUGLNISJHL+YSmOX5dwtuMwdKmHjUof+DXe0Jt+J8zx4o6Loa7tH+XcEckUv5IKhen+Lt52NzPCn0qAeNHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4677dacb95188aa7f611d4159a510af9
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "18dc4001afe7db84614f9ef46fc62fa3"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 17 Sep 2025 20:57:14 GMT

GET
H/1.1 200
OK AJAXAddToCartWithGifting.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ Frame 2B3D 13 KB
3 KB 146ms
146ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/AJAXAddToCartWithGifting.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

ed8a492fada5a8723686b69cfa767a437aefbd937b4e30cc0953dc29d145f105

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:48 GMT
Server: Microsoft-IIS/8.5
ETag: "4dba086ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 2644

GET
H/1.1 200
OK CountdownClock.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ Frame 2B3D 9 KB
2 KB 185ms
185ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/CountdownClock.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

380ae1b775cc7483568ccd866a11dec8fc57fdebaabc2b9a239e4c0a37056564

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:48 GMT
Server: Microsoft-IIS/8.5
ETag: "513da386ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 1764

GET
H/1.1 200
OK ToggleFields.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ Frame 2B3D 1 KB
741 B 166ms
165ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ToggleFields.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a525e540221609bbe23e016b522664705f675faa53fd55d8fefc6558fa81f53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:48 GMT
Server: Microsoft-IIS/8.5
ETag: "5d9ec486ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 342

GET
H/1.1 200
OK WordCounter.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ Frame 2B3D 1023 B
768 B 158ms
157ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/WordCounter.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a38596a1f36750dbed4a94479b813903e5b154fadb16243a5e5c81a5182efd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:48 GMT
Server: Microsoft-IIS/8.5
ETag: "c20c786ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 370

GET
H/1.1 200
OK Mouseover.5.31.js Show response
moneypages.upickem.net/Shared/Assets/Javascript/MouseOver/ Frame 2B3D 38 KB
14 KB 131ms
131ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/Shared/Assets/Javascript/MouseOver/Mouseover.5.31.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f87b84f44e23bf722dfedfb49a87aaad1f81412fc72afbb1f5aed12654bb4717

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:47 GMT
Server: Microsoft-IIS/8.5
ETag: "f36af86ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 13607

GET
H/1.1 200
OK FileInputType.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ Frame 2B3D 1 KB
949 B 124ms
123ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/FileInputType.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

40759a2e09f54a58d72f2732c37d78d23c59d7dcf038577b63917b3f4ca258df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:48 GMT
Server: Microsoft-IIS/8.5
ETag: "b2a886ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 552

GET
H/1.1 200
OK audio-player.js Show response
moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/ Frame 2B3D 11 KB
5 KB 133ms
133ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/affiliates/engine/includes/audio-player.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a0f46166d936052a25e31ec8ab6c7b4b45d6411897ac6ff0a0597f04d1623503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:48 GMT
Server: Microsoft-IIS/8.5
ETag: "4dba086ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 4602

GET
H2 200 jquery-latest.js Show response
code.jquery.com/ Frame 2B3D 276 KB
82 KB 489ms
41ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.js
Requested by: Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3686302
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 83875
x-served-by: cache-lga21958-LGA, cache-mxp6932-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1726627369.663587,VS0,VE0
etag: W/"28feccc0-4508e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 26560, 1384

GET
H/1.1 200
OK upe-form-labelfocus.js Show response
moneypages.upickem.net/shared/assets/legacy/shared/includes/ Frame 2B3D 2 KB
831 B 160ms
160ms Script
application/x-javascript 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://moneypages.upickem.net/shared/assets/legacy/shared/includes/upe-form-labelfocus.js?v=81

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

229e0b291c01d03cc0d4bbe796086eb3b15c8eb127b885b0b276682eeaf0e136

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/engine/YourSubmission.aspx?contestid=549268&iframe=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:53 GMT
Server: Microsoft-IIS/8.5
ETag: "6df5a289ac1dd61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Accept-Ranges: bytes
X-PP: 4
Content-Length: 432

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame B6DA 0
0 476ms
34ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmoneypages.upickem.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEA) /
Resource Hash

Request headers

Referer: https://moneypages.upickem.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 15295217
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Sep 2024 02:42:49 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CEA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK NewButtonOffBackgroundBottom.gif
moneypages.upickem.net/shared/assets/legacy/shared/images/SkinLight/ Frame 2B3D 291 B
628 B 129ms
126ms Image
image/gif 52.54.217.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moneypages.upickem.net/shared/assets/legacy/shared/images/SkinLight/NewButtonOffBackgroundBottom.gif

Requested by

Host: moneypages.upickem.net
URL: https://moneypages.upickem.net/shared/assets/legacy/shared/includes/SkinLight.css?v=81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.217.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-217-201.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

34c4068055b8ae880e46121d899e6cc002b7acff6322085bd0d9370397cf9a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moneypages.upickem.net/shared/assets/legacy/shared/includes/SkinLight.css?v=81
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Wed, 18 Sep 2024 02:42:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Apr 2020 22:29:53 GMT
Server: Microsoft-IIS/8.5
ETag: "75bb8889ac1dd61:0"
X-Powered-By: ASP.NET
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Content-Type: image/gif
Accept-Ranges: bytes
X-PP: 4
Content-Length: 291

GET p
i.simpli.fi/ 0
0

GET 327792042.sd.mp4
player.vimeo.com/external/ 0
0

GET mpfavi.png
www.moneypages.com/wp-content/uploads/2019/05/ 0
0

GET
H2 200 mpfavi.png
www.moneypages.com/wp-content/uploads/2019/05/ 770 B
797 B 146ms
145ms Other
image/png 170.249.208.194
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneypages.com/wp-content/uploads/2019/05/mpfavi.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.249.208.194 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.3ddigital.com
Software: LiteSpeed /
Resource Hash: d6ee1c1e96f1a4879496cc5a670ea7653a7afc68fec417e699a64f791c4055e6

Request headers

Referer: https://moneypages.upickem.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 18 Sep 2024 02:42:48 GMT
last-modified: Wed, 21 Aug 2024 18:43:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 770
expires: Thu, 18 Sep 2025 08:42:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.moneypages.com
URL: https://www.moneypages.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3

Domain: i.simpli.fi
URL: https://i.simpli.fi/p?cid=211203&cb=sifi_att_2303860633539220._hp

Domain: player.vimeo.com
URL: https://player.vimeo.com/external/327792042.sd.mp4?s=5b366a04f31496b9447e75ec3171e277725559a1&profile_id=165

Domain: www.moneypages.com
URL: https://www.moneypages.com/wp-content/uploads/2019/05/mpfavi.png

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
moneypages.upickem.net/	1970-01-21 09:13:07	Name: CookiesEnabled Value: Y
moneypages.upickem.net/	1970-01-21 09:13:07	Name: contestid Value: 549268
moneypages.upickem.net/	1970-01-20 23:37:19	Name: ForceIsMigratedOff Value: N
moneypages.upickem.net/	1970-01-21 09:13:07	Name: RETURNTO Value: YOURSUBMISSION
.upickem.net/	1970-01-21 01:46:43	Name: _fbp Value: fb.1.1726627363584.38589907246726794
.simpli.fi/	1970-01-21 08:24:09	Name: suid Value: 7E4D93D1F3FF4F21A232316E1D404390
.vimeo.com/	1970-01-20 23:37:09	Name: __cf_bm Value: 7EleWH6V7l_.VNjDyL3eUaQpUjwdFpaazOrsSISCEM4-1726627363-1.0.1.1-x32nL5enFaE5GPtiHE0RPDmBaviPNoB2vGAJ8AZB__6pvkreHeKWQt_8KEitY.6A
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mK8bxOP08Qgpy._WzLXYF12RNfmOTcH3M9ZAhtiFYmA-1726627363933-0.0.1.1-604800000
.upickem.net/	1970-01-21 09:13:07	Name: _ga_NHNJXGHLCP Value: GS1.1.1726627364.1.0.1726627364.60.0.116197747
.upickem.net/	1970-01-21 09:13:07	Name: _ga Value: GA1.2.1998196775.1726627364
.upickem.net/	1970-01-20 23:38:33	Name: _gid Value: GA1.2.715317966.1726627365
.upickem.net/	1970-01-20 23:37:07	Name: _gat_gtag_UA_138531173_8 Value: 1
.doubleclick.net/	1970-01-20 23:37:08	Name: test_cookie Value: CheckForPermission
.moneypages.upickem.net/	1970-01-21 09:13:07	Name: __utma Value: 90609286.1998196775.1726627364.1726627366.1726627366.1
.moneypages.upickem.net/	1969-12-31 23:59:59	Name: __utmc Value: 90609286
.moneypages.upickem.net/	1970-01-21 03:59:55	Name: __utmz Value: 90609286.1726627366.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.moneypages.upickem.net/	1970-01-20 23:37:07	Name: __utmt Value: 1
.moneypages.upickem.net/	1970-01-21 09:13:07	Name: __utmv Value: 90609286.MONY-549268
.moneypages.upickem.net/	1970-01-20 23:37:09	Name: __utmb Value: 90609286.2.10.1726627366

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.simpli.fi
moneypages.upickem.net
platform.twitter.com
player.vimeo.com
ssl.google-analytics.com
stats.g.doubleclick.net
tag.simpli.fi
td.doubleclick.net
vod-progressive.akamaized.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.moneypages.com
www.moneypagesticketgiveaway.com
i.simpli.fi
player.vimeo.com
www.moneypages.com
142.250.181.234
142.250.181.238
142.250.184.238
142.250.186.40
142.250.186.72
151.101.194.137
157.240.0.6
157.240.252.35
162.159.138.60
170.249.208.194
172.217.18.99
2.19.126.212
216.58.206.66
3.33.251.168
35.234.162.151
52.54.217.201
74.125.133.154
93.184.220.66
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1b11a9fa3c3a93b4e96475eef074e51837ff999809efca6fda4d2e866662267c
1b4fef52433c82a09a1b440a367f9ead89179d43ea185aaf1cc7b67c1d3f361e
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb
229e0b291c01d03cc0d4bbe796086eb3b15c8eb127b885b0b276682eeaf0e136
2938ac60df5a0d63221b22018e0d52048d868eb0d496a0bfe92d2b5c66211fbe
2d7530f88e80d07a49173936b9bc2f6213ebadc383d24df265429e4876fb6479
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
34c4068055b8ae880e46121d899e6cc002b7acff6322085bd0d9370397cf9a82
371e0dc43e22f2dd7663d9e5306b39a2daa421a58fd01ada8cf214043f6b93b6
380ae1b775cc7483568ccd866a11dec8fc57fdebaabc2b9a239e4c0a37056564
3be1a78cd3544c8163b8519c3d87f1efa82a2faae0633e83dce140c976086fa6
40759a2e09f54a58d72f2732c37d78d23c59d7dcf038577b63917b3f4ca258df
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
651e428eb2c9573148010bda728c8d467ec1dee32d83d8523292e1ae2ef974bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b488badc1c5e0b6f915f3ccb1cc1ab16f4b27de1d8a8eac6ed0c7c61b8ef80d
8c6e710f49a7cf063fa136223250852beade749f154835e5ab3aed5c69abcf20
9b9168eb6be6ec34dfd18828b0a54f2fb96ae39978b2581cb7198931f17cd0d1
9d467ef435d37167ac947ea02931110fe6be002a0dc4c043ed8bd24c0c1aa2b7
a0f46166d936052a25e31ec8ab6c7b4b45d6411897ac6ff0a0597f04d1623503
a38596a1f36750dbed4a94479b813903e5b154fadb16243a5e5c81a5182efd3f
a525e540221609bbe23e016b522664705f675faa53fd55d8fefc6558fa81f53a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab396fe52f5e11a6eebc62178661d7bb63e3e64ab9f9008291d7250c7ec498d8
ab72da807e2b1d361561e1ef16f589dc5a22e51c399b77329398b47b76f5c492
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be37ff7531d4a53c7471160b54ae1bcae7f68168ee58eba3aba9c25b8cc66300
be83201ea7235acafe44007b70abebdc9d91c6913840c7d9056d5251270449c9
c333e4ac9602272f89b4f9ae34efa31f3d7f4928b1e052a2a619c811a7c4c7a8
d11df95c598a107a9d5d2f09fe031f0f9276fe02d5096c3b7a463255055ae312
d1a91d35e52cc2366145d5e29a4c7bc7b25f976dd1b76cd3a1bd085315e7fd5f
d6ee1c1e96f1a4879496cc5a670ea7653a7afc68fec417e699a64f791c4055e6
d9f34ed572a410bbdc4f01c7b725641a703e570598bc4c5cab8d66d768229384
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0578d46efb821f85543742e4dba176e21acc6a3e6ea7b4f8a9189f433204d1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ba427365693f8f87635cb3b77790e125a9e0ecd0218fa65cc25e57a2451cc8
e4ee50a1a649b276e05a8c0df03ccf4c8cd50c45796cc48365a340351a46bfa2
ed8a492fada5a8723686b69cfa767a437aefbd937b4e30cc0953dc29d145f105
f46d6c65007f189ce710b323acb6e7e8d9ccbea7914bb0ad01f9eec6e1ad52e1
f7f79ada190fb54eb8604722198ccc6cc78d2d50e213a0e410d9d5e1aa5eab3d
f87b84f44e23bf722dfedfb49a87aaad1f81412fc72afbb1f5aed12654bb4717

moneypages.upickem.net Open in urlscan Pro 52.54.217.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

91 %HTTPS

0 %IPv6

16 Domains

19 Subdomains

17 IPs

5 Countries

749 kBTransfer

6215 kBSize

19 Cookies

35 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

moneypages.upickem.net Open in urlscan Pro
52.54.217.201 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

91 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

17
IPs

5
Countries

749 kB
Transfer

6215 kB
Size

19
Cookies

58 HTTP transactions
0 data transactions