www.rafflecopter.com Open in urlscan Pro
69.164.195.169  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

• https://www.google-analytics.com/r/collect?v=1&_v=j81&a=558638101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F&ul=en-us&de=UTF-8&dt=Giveaway%20%7C%20Rafflecopter%20%3A)&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1042004598&gjid=1500368268&cid=27656693.1586300039&tid=UA-2050882-5&_gid=710519660.1586300039&_r=1&z=1789497313 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_gid=710519660.1586300039&gjid=1500368268&_v=j81&z=1789497313 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313&slf_rd=1&random=4136476856

Request Chain 41

• https://s.adroll.com/j/exp/GMHKO672IFDXXL2J6IGA2A/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 43

• https://d.adroll.mgr.consensu.org/consent/iabcheck/GMHKO672IFDXXL2J6IGA2A?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2 HTTP 302
• https://d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2

Request Chain 45

• https://d.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&pv=61910954053.92382&cookie=&adroll_s_ref=&keyw= HTTP 302
• https://s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/OGA5LFWPVFASVJRYK5IB2G.js

Request Chain 47

• https://d.adroll.com/cm/aol/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://pixel.advertising.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://pixel.advertising.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab5d5211-7922-11ea-9499-02de1677167c

Request Chain 48

• https://d.adroll.com/cm/index/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039&C=1

Request Chain 49

• https://d.adroll.com/cm/n/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expires=365

Request Chain 50

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&rdrctExp=true

Request Chain 51

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 52

• https://d.adroll.com/cm/r/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 53

• https://d.adroll.com/cm/taboola/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE

Request Chain 54

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 55

• https://d.adroll.com/cm/b/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE

Request Chain 56

• https://d.adroll.com/cm/x/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DY2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE

Request Chain 57

• https://d.adroll.com/cm/l/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://idsync.rlcdn.com/377928.gif?partner_uid=cd4f4a2dbca39c0c284ef8d1d3934651

Request Chain 58

• https://d.adroll.com/cm/o/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651

Request Chain 59

• https://d.adroll.com/cm/g/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672IFDXXL2J6IGA2A&google_nid=adroll4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=zU9KLbyjnAwoTvjR05NGUQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=zU9KLbyjnAwoTvjR05NGUQ&google_tc= HTTP 302
• https://d.adroll.com/cm/g/in

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.rafflecopter.com/rafl/display/e4c992cd29/	9 KB 3 KB	705ms 184ms	Document text/html	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 6340d1ded38d820916699fbad6c86adae7668063373acaab5ad75bd949d9f38d Request headers Host www.rafflecopter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx/1.4.5 Date Tue, 07 Apr 2020 22:53:58 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Cookie Content-Encoding gzip
GET H2	200	bdl5nui.js Show response use.typekit.net/	19 KB 8 KB	142ms 30ms	Script text/javascript	104.111.215.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/bdl5nui.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-74.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 15ce275dc080063abbb829d641a061cd58f1fb54ce35bb5fe71e1242d688c68f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx access-control-allow-origin * date Tue, 07 Apr 2020 22:53:58 GMT vary Accept-Encoding content-type text/javascript;charset=utf-8 status 200 cache-control public, max-age=600, stale-while-revalidate=604800 timing-allow-origin * content-length 7485
GET H2	200	modernizr.min.js Show response cdn.jsdelivr.net/modernizr/2.7.1/	15 KB 6 KB	74ms 73ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/modernizr/2.7.1/modernizr.min.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76d71e3d521b290dcb2d335f4fddf74b71cfcaab7770b855f5e381e271819958 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 07 Apr 2020 22:53:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 13879266 cf-ray 580753e698d91f4d-FRA x-cache HIT, HIT status 200 vary Accept-Encoding x-served-by cache-ams21031-AMS, cache-hhn4047-HHN server cloudflare etag W/"3cd2-B+ocnKj/7ca3dvjg9VBP9VvNf2Y" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin *
GET H/1.1	200 OK	reset.css www.rafflecopter.com/static/styles/css/	444 B 511 B	137ms 137ms	Stylesheet text/css	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.rafflecopter.com/static/styles/css/reset.css Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 5b3c07f3e9ce40618a50e21270e0d8b6cc9d84ce4f8040674f030cfa961fd1cd Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Content-Encoding gzip Last-Modified Sun, 28 May 2017 17:35:09 GMT Server nginx/1.4.5 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	rafl.css www.rafflecopter.com/static/styles/css/	336 KB 73 KB	401ms 263ms	Stylesheet text/css	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.rafflecopter.com/static/styles/css/rafl.css?shiner=meadow Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 7f5098cd879aeff6511b4a42f3df48e78a4ee71787dd32068311e7d046b9d0c1 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Content-Encoding gzip Last-Modified Sun, 28 May 2017 17:35:20 GMT Server nginx/1.4.5 Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	top-logo.png www.rafflecopter.com/static/img/newhome/	3 KB 3 KB	532ms 133ms	Image image/png	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.rafflecopter.com/static/img/newhome/top-logo.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash e5ead0ca5fed5e6bc04a7e2657eb61489bdee2d0ee469537517b17436637d290 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Last-Modified Sun, 28 May 2017 17:35:09 GMT Server nginx/1.4.5 ETag "592b0a4d-ca0" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3232
GET H/1.1	200 OK	launch.js Show response widget-prime.rafflecopter.com/	361 B 807 B	168ms 20ms	Script application/javascript	143.204.97.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-prime.rafflecopter.com/launch.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-97-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 7b19cbc1080d745484c4951fc7cd28984ba34b6d0a4720e1d62d34c02510576a Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 14 Jun 2019 01:02:13 GMT Content-Encoding gzip Last-Modified Fri, 21 Nov 2014 19:12:16 GMT Server AmazonS3 Age 25825906 ETag "b3e777548d0e13cf1e51d04dc16be5c7" X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront) Cache-Control max-age=7200, s-maxage=31556900 X-Amz-Cf-Pop FRA50-C1 Connection keep-alive Accept-Ranges bytes Content-Length 257 X-Amz-Cf-Id AKzgabHzI4pzbJASthACJRFPOhKgnV_hdFE52XfUF3GMkxYkYFRVhA==
GET H/1.1	200 OK	logo-footer.png homepage.rafflecopter.com/img/	714 B 1 KB	221ms 21ms	Image image/png	13.225.73.142 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://homepage.rafflecopter.com/img/logo-footer.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.73.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-73-142.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 14ac4b3b97114992a68308f399ba7e528723c20da99f7f74f2a4adb2cb844438 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 07 Feb 2020 13:22:15 GMT Content-Encoding gzip Last-Modified Thu, 01 Oct 2015 16:52:38 GMT Server AmazonS3 Age 5218304 ETag "3fb6517b4ab0fbc5cc15361f13c66378" X-Cache Hit from cloudfront Content-Type image/png Via 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront) Cache-Control max-age=7200, s-maxage=31556900 X-Amz-Cf-Pop FRA2-C2 Connection keep-alive Content-Length 737 X-Amz-Cf-Id 8fQAs5pfjuJ7eTSoauc6zbPF7C5_fIo9iXq0dxohAjDan_GStuiqqw==
GET H/1.1	200 OK	logo-main.png www.rafflecopter.com/img/	3 KB 3 KB	400ms 136ms	Image image/png	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.rafflecopter.com/img/logo-main.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 152125c136dc4c614d155a7693192357415a69baeefec8c16a953da06c8cb971 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 01 Oct 2015 16:52:38 GMT Server nginx/1.4.5 Age 3329058 ETag "b93b6e07de2ba45f942fa92fde42b7f3" X-Cache Hit from cloudfront Content-Type image/png Via 1.1 d43b56891dec96acc9d50d3711407499.cloudfront.net (CloudFront) Cache-Control max-age=7200, s-maxage=31556900 X-Amz-Cf-Pop DFW53-C1 Content-Length 2963 X-Amz-Cf-Id NJrDub5nTKRgA6kUyKvFSj-_aogwEJ1NzZ_FKkyJsWtx1F34d4lGVg==
GET H/1.1	200 OK	boulder-love.png homepage.rafflecopter.com/img/	4 KB 5 KB	241ms 20ms	Image image/png	13.225.73.142 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://homepage.rafflecopter.com/img/boulder-love.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.73.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-73-142.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06aed5a2e6491641a336d32bc3ea03a50494452072ef897e3241c8b137798196 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 23 Mar 2020 13:34:59 GMT Content-Encoding gzip Last-Modified Thu, 01 Oct 2015 16:52:37 GMT Server AmazonS3 Age 1329540 ETag "561dfee2a8676b3ab6d2542c3bf0e8d2" X-Cache Hit from cloudfront Content-Type image/png Via 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront) Cache-Control max-age=7200, s-maxage=31556900 X-Amz-Cf-Pop FRA2-C2 Connection keep-alive Content-Length 4196 X-Amz-Cf-Id RCn29MS-RRc1wjsqz7CR9reH2hfJUPlr8NQC8vsFTgU8M5mG_zgyfg==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.0/	94 KB 33 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:825::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 18 Jan 2020 01:19:24 GMT content-encoding gzip x-content-type-options nosniff age 6989674 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 33576 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 17 Jan 2021 01:19:24 GMT
GET H/1.1	200 OK	global.js Show response www.rafflecopter.com/static/js/rafl-new/build/min/	14 KB 5 KB	240ms 135ms	Script application/x-javascript	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.rafflecopter.com/static/js/rafl-new/build/min/global.js?anteaters=deadly Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 54900e560535516e101c12a4448262afb572008588f3e00e27b889b105789adb Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Content-Encoding gzip Last-Modified Sun, 28 May 2017 17:35:09 GMT Server nginx/1.4.5 Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	support.js Show response www.rafflecopter.com/static/js/rafl-new/build/min/	10 KB 4 KB	269ms 144ms	Script application/x-javascript	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.rafflecopter.com/static/js/rafl-new/build/min/support.js?anteaters=deadly Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash fbf7da85264f15bbc40961598c634373a43164130e28a022a8ecd144ae46b64b Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Content-Encoding gzip Last-Modified Sun, 28 May 2017 17:35:19 GMT Server nginx/1.4.5 Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	segmentalicious.js Show response www.rafflecopter.com/static/js/rafl-new/build/min/	7 KB 3 KB	411ms 142ms	Script application/x-javascript	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.rafflecopter.com/static/js/rafl-new/build/min/segmentalicious.js?anteaters=deadly Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash b4f08338c001b25e59686f0499c2b109f5b50ed5f4340a8460c2969fd414624b Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Content-Encoding gzip Last-Modified Sun, 28 May 2017 17:35:09 GMT Server nginx/1.4.5 Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	load.js Show response widget-prime.rafflecopter.com/	5 KB 3 KB	20ms 20ms	Script application/javascript	143.204.97.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-prime.rafflecopter.com/load.js Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/launch.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-97-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 00052b5ba6b232d5c88f9ac1815b5229104eb2606527db935343153703c57edf Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 07 Apr 2020 22:53:29 GMT Content-Encoding gzip Last-Modified Thu, 25 Jul 2019 14:37:19 GMT Server AmazonS3 Age 30 ETag "4c7ff781e735dc34e62831840e898946" X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront) Cache-Control max-age=100, s-maxage=50 X-Amz-Cf-Pop FRA50-C1 Connection keep-alive Accept-Ranges bytes Content-Length 2243 X-Amz-Cf-Id wXaXgR1-pZ-fTw3vaS7ikVLoJoOtS_aNvl13PKN6NodX4LfAlcSIbg==
GET H/1.1	200 OK	tn-start.png www.rafflecopter.com/static/img/newhome/	354 B 591 B	134ms 133ms	Image image/png	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.rafflecopter.com/static/img/newhome/tn-start.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 443e613fea1f228a7e215d063a4963eed8c7c7e9361be155a412b42fa9a58046 Request headers Referer https://www.rafflecopter.com/static/styles/css/rafl.css?shiner=meadow User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Last-Modified Sun, 28 May 2017 17:35:19 GMT Server nginx/1.4.5 ETag "592b0a57-162" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 354
GET H/1.1	200 OK	tn-login.png www.rafflecopter.com/static/img/newhome/	340 B 577 B	137ms 136ms	Image image/png	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.rafflecopter.com/static/img/newhome/tn-login.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash dd750ecd37b66bc3786e91d5c0a8a5dd7003d94c8917a719bd9c9c529762c87b Request headers Referer https://www.rafflecopter.com/static/styles/css/rafl.css?shiner=meadow User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Last-Modified Sun, 28 May 2017 17:35:09 GMT Server nginx/1.4.5 ETag "592b0a4d-154" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 340
GET H/1.1	200 OK	blue.jpg www.rafflecopter.com/static/img/newhome/bg/	101 KB 101 KB	265ms 264ms	Image image/jpeg	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.rafflecopter.com/static/img/newhome/bg/blue.jpg Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash b508cfec92c76e781a975a1722460d09fb94e504d308edc01eed40276eee69a7 Request headers Referer https://www.rafflecopter.com/static/styles/css/rafl.css?shiner=meadow User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Last-Modified Sun, 28 May 2017 17:35:19 GMT Server nginx/1.4.5 ETag "592b0a57-19306" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 103174
GET H2	200	l use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/	14 KB 14 KB	60ms 21ms	Font application/font-woff2	104.111.215.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n6&v=3 Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-74.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fd2dcae00d595c62205c1e9c1c9479da45e7782ec52eeaa4676ee899dfe61c6a Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Origin https://www.rafflecopter.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 07 Apr 2020 22:53:58 GMT server nginx access-control-allow-origin * etag "29fcf5b32cc669b4df70b1448b5deb073982b48f" content-type application/font-woff2 status 200 cache-control public, max-age=31536000 timing-allow-origin * content-length 14584
GET H2	200	l use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/	14 KB 14 KB	70ms 31ms	Font application/font-woff2	104.111.215.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n4&v=3 Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-74.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 493d2d902ad0cc122ae7fb0512b311338233aa1e5d75cec374deccc1b2b5e4cf Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Origin https://www.rafflecopter.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 07 Apr 2020 22:53:58 GMT server nginx access-control-allow-origin * etag "00f82d7a86427141a0376f81fda913a118ef7de7" content-type application/font-woff2 status 200 cache-control public, max-age=31536000 timing-allow-origin * content-length 14460
GET H/1.1	200 OK	footer-social-sprite.png homepage.rafflecopter.com/img/	500 B 1 KB	20ms 20ms	Image image/png	13.225.73.142 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://homepage.rafflecopter.com/img/footer-social-sprite.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.73.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-73-142.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 8a7698e5781653c534341c7c77e3aa80f9efcb6e1313c0e85f667e9e932b4caf Request headers Referer https://www.rafflecopter.com/static/styles/css/rafl.css?shiner=meadow User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Thu, 19 Mar 2020 10:27:28 GMT Content-Encoding gzip Last-Modified Thu, 01 Oct 2015 16:52:38 GMT Server AmazonS3 Age 1686391 ETag "96cdac7ed30916720ea18d13f858d7de" X-Cache Hit from cloudfront Content-Type image/png Via 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront) Cache-Control max-age=7200, s-maxage=31556900 X-Amz-Cf-Pop FRA2-C2 Connection keep-alive Content-Length 519 X-Amz-Cf-Id PsfZw7wv7TiWCYSeoQtaF3kKTcedtvpFAAFR_Rwm4pIibc_MSsJQPA==
GET H/1.1	200 OK	blue.png www.rafflecopter.com/static/img/newhome/bg/	533 KB 534 KB	272ms 272ms	Image image/png	69.164.195.169 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://www.rafflecopter.com/static/img/newhome/bg/blue.png Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 69.164.195.169 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li110-169.members.linode.com Software nginx/1.4.5 / Resource Hash 28c0bcdfa58f0e848538387f19ec1e66984e5adf4d1c4000e7109b6fc6534ec5 Request headers Referer https://www.rafflecopter.com/static/styles/css/rafl.css?shiner=meadow User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 22:53:58 GMT Last-Modified Sun, 28 May 2017 17:35:09 GMT Server nginx/1.4.5 ETag "592b0a4d-85553" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 546131
GET H2	200	l use.typekit.net/af/40a5d0/00000000000000003b9ad1af/27/	14 KB 15 KB	75ms 37ms	Font application/font-woff2	104.111.215.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/40a5d0/00000000000000003b9ad1af/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n9&v=3 Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-74.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 071f941d6a8715858820ce94b3d128d72066698e3ab4520a833e189c826f2865 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Origin https://www.rafflecopter.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 07 Apr 2020 22:53:58 GMT server nginx access-control-allow-origin * etag "37396f05dcd47bc6b71ae72d44a71a8d80d3fb6f" content-type application/font-woff2 status 200 cache-control public, max-age=31536000 timing-allow-origin * content-length 14804
GET H2	200	l use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/	15 KB 15 KB	45ms 45ms	Font application/font-woff2	104.111.215.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?primer=b997bcdf54b83a9f7b731c29130c4fbe326c83acb7cf220896c6041d3c02ba6a&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/bdl5nui.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-74.deploy.static.akamaitechnologies.com Software nginx / Resource Hash ca386af0b6e462f02569bf9a6b6ea69979b45f7987b1343612a8b05d026a22e5 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Origin https://www.rafflecopter.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 07 Apr 2020 22:53:58 GMT server nginx access-control-allow-origin * etag "ff08bddb09db80e95b62fde98d190a6a56a6942b" content-type application/font-woff2 status 200 cache-control public, max-age=31536000 timing-allow-origin * content-length 15036
GET H/1.1	200 OK	main.html Show response widget-prime.rafflecopter.com/classic/02f6849/ Frame DB18	1 KB 1 KB	21ms 20ms	Document text/html	143.204.97.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-prime.rafflecopter.com/classic/02f6849/main.html Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/load.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-97-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash efc9a2d367052fa3de79d7293415d3dba4292d719f5cdf6c433f6b2212d5cfbe Request headers Host widget-prime.rafflecopter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Response headers Content-Type text/html Content-Length 614 Connection keep-alive Date Sat, 07 Mar 2020 07:18:23 GMT Last-Modified Thu, 25 Jul 2019 14:37:19 GMT ETag "8cbf7434431bd818e8449c8ea347efa4" Cache-Control max-age=31556900, s-maxage=31556900 Content-Encoding gzip Expires Fri Jul 24 2020 08:37:10 GMT-0600 (MDT) Accept-Ranges bytes Server AmazonS3 X-Cache Hit from cloudfront Via 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id TayAVR6ISuuVYTsuu5ng9ADQyaiBLFcA7W-Jwj729Ipkn8LYsW8bBQ== Age 2734536
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/	399 KB 79 KB	205ms 204ms	Script text/javascript	143.204.99.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/analytics.min.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/static/js/rafl-new/build/min/segmentalicious.js?anteaters=deadly Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-99-83.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash df5e46fb630cab4b06f4d9b8858357776ac37ff88a65d8cea12f3f10f85add29 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id P4qkt6p3UPg.wVYNyJAe16sxkZNaHZdZ content-encoding gzip x-amz-cf-pop FRA50-C1 x-cache RefreshHit from cloudfront status 200 date Tue, 07 Apr 2020 22:53:59 GMT x-amz-replication-status COMPLETED content-length 80586 via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) last-modified Fri, 03 Apr 2020 19:35:51 GMT server AmazonS3 etag "7585c6c2daf55be2ac5d5dfba8e53b76" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=300 accept-ranges bytes x-amz-cf-id 6lm8YCoff8-Mb_gK3MHBp4HL5jY9tz80RwDPn_GrYQdKEcEJElzxJg==
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/static/js/rafl-new/build/min/segmentalicious.js?anteaters=deadly Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 1227 date Tue, 07 Apr 2020 22:33:31 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Wed, 08 Apr 2020 00:33:31 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j81&a=558638101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F&ul=en-us&de=UTF-8&dt=Giveaway%20%7C%20Raffle... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_gid=710519660.1586300039&gjid=1500368268&_v=j81&z=1789497313 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313&slf_rd=1&random=4136476856	42 B 109 B	19ms 18ms	Image image/gif	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313&slf_rd=1&random=4136476856 Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 07 Apr 2020 22:53:58 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Apr 2020 22:53:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2050882-5&cid=27656693.1586300039&jid=1042004598&_v=j81&z=1789497313&slf_rd=1&random=4136476856 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p.gif p.typekit.net/	35 B 201 B	21ms 19ms	Image image/gif	104.111.215.74 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=1&k=bdl5nui&ht=tk&h=www.rafflecopter.com&f=137.139.173.175&a=221095&js=1.19.2&app=typekit&e=js&_=1586300038814 Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-74.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 07 Apr 2020 22:53:58 GMT last-modified Fri, 18 Oct 2019 21:34:09 GMT server nginx access-control-allow-origin * etag "5daa2fd1-23" content-type image/gif status 200 cache-control max-age=604800 accept-ranges bytes content-length 35 expires Wed, 30 Oct 2019 03:12:45 GMT
GET H/1.1	200 OK	main.js Show response widget-prime.rafflecopter.com/classic/02f6849/ Frame DB18	208 KB 60 KB	21ms 21ms	Script application/javascript	143.204.97.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-prime.rafflecopter.com/classic/02f6849/main.js Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/classic/02f6849/main.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-97-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a91d3da3c69e41758e46ae562c53e5b441775e8090a11a2a5ad61da5bf36458e Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 02 Aug 2019 19:23:07 GMT Content-Encoding gzip Age 21526252 X-Cache Hit from cloudfront Connection keep-alive Content-Length 60948 Last-Modified Thu, 25 Jul 2019 14:37:19 GMT Server AmazonS3 ETag "e08d0bc570849f411eea6a7e57827e13" Content-Type application/javascript Via 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront) Cache-Control max-age=31556900, s-maxage=31556900 X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes X-Amz-Cf-Id ktPE-oEMsZKoG2mDhVG0QpvIddQ-WfBlmIRuEWLHn2LGtajRnVb2nA== Expires Fri Jul 24 2020 08:37:10 GMT-0600 (MDT)
GET H/1.1	200 OK	load.gif widget-prime.rafflecopter.com/static/img/ Frame DB18	6 KB 7 KB	56ms 20ms	Image image/gif	143.204.97.118 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://widget-prime.rafflecopter.com/static/img/load.gif Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/classic/02f6849/main.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-97-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 2bfd8b569faf3aafd4fa3d3cdcb2058c76ce26852b7862e90b3a2af4fdfd5710 Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 15:58:17 GMT Via 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront) Last-Modified Wed, 22 Oct 2014 23:54:07 GMT Server AmazonS3 Age 24942 ETag "072f7b6d88ecdbfb9d53f977905f17ea" X-Cache Hit from cloudfront Content-Type image/gif Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Length 6256 X-Amz-Cf-Id L5hHNwdfUB9F1NihPdDiHm0V6BrSBQgkGLhKQKyd6q_22xR2oIk7hw==
GET H2	200	mixpanel-2-latest.min.js Show response cdn.mxpnl.com/libs/	73 KB 25 KB	18ms 6ms	Script text/javascript	2600:1901:0:bc29:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 83b2aa58b640b81d6c29ed11af1848a7203bf61f390eba97e23d70f99c4313c8 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 07 Apr 2020 22:44:28 GMT content-encoding gzip age 571 status 200 x-guploader-uploadid AEnB2Uo3WeOVnCrlD0pcTq1FyCPJUszNuu5ypKymT5XMPeovbg26rzfZYE4k1kFqRwYyHQuwlV8AoU5VgtvENckTKBRwOVVJgA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc clear content-length 24626 last-modified Tue, 17 Mar 2020 00:20:00 GMT server UploadServer etag "9389362670f03c4ba67e892663649d76" vary Accept-Encoding x-goog-hash crc32c=lh1JsA==, md5=k4k2JnDwPEumfokmY2Sddg== content-language en access-control-allow-origin * x-goog-generation 1584404400942635 cache-control public,max-age=600 x-goog-stored-content-length 24626 accept-ranges bytes content-type text/javascript expires Tue, 07 Apr 2020 22:54:28 GMT
GET H2	200	track.js Show response assets.customer.io/assets/	3 KB 2 KB	51ms 14ms	Script text/javascript	108.161.187.71 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://assets.customer.io/assets/track.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.187.71 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 01043c5ebd1190e2c15d1e2f8104872bed151a4433293608f9ce9769c8a414ec Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 07 Apr 2020 22:53:59 GMT content-encoding gzip last-modified Fri, 23 Feb 2018 20:42:03 GMT server NetDNA-cache/2.2 x-amz-request-id 13C472DE09BFBDE2 etag "03fd9f5696d2bdc77e15353eb29f141d" x-cache HIT content-type text/javascript status 200 cache-control public, max-age=86400 accept-ranges bytes content-length 1431 x-amz-id-2 IF9/ODoV0btUVtB6ZWTlISL9I9VLIQV6DyFk55bLlDksnKKnhM3sJQ38kdMDC6C6SIEZTOeAP4Q= expires Sat, 24 Feb 2018 20:42:01 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	126 KB 30 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/vSxDQ9MHTpnuGDst7AIGarT1lV5M8fUF/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 content-length 30466 x-xss-protection 0 pragma public x-fb-debug 1tzrSU3mdtRUxy9DY39+xq9AV9YH5bmI0GIkO8syYVwdp0HMPUHPI5jVvXqRVjgHyJTH92rjB3Fp2sic/J+oxw== x-fb-trip-id 1850256238 date Tue, 07 Apr 2020 22:53:59 GMT, Tue, 07 Apr 2020 22:53:59 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response api-js.mixpanel.com/decide/	65 B 143 B	51ms 22ms	XHR application/json	35.186.241.51 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=34f966f6c8e6eeddfba1554b9e006055&ip=1&_=1586300039069 Requested by Host: cdn.mxpnl.com URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 51.241.186.35.bc.googleusercontent.com Software gunicorn/19.9.0 / Resource Hash 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Origin https://www.rafflecopter.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 07 Apr 2020 22:53:59 GMT via 1.1 google server gunicorn/19.9.0 access-control-allow-headers X-Requested-With status 200 access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.rafflecopter.com cache-control no-cache, no-store access-control-allow-credentials true alt-svc clear
POST H2	200	/ Show response api-js.mixpanel.com/track/	1 B 326 B	46ms 21ms	XHR application/json	35.186.241.51 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api-js.mixpanel.com/track/?ip=1&_=1586300039073 Requested by Host: cdn.mxpnl.com URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 51.241.186.35.bc.googleusercontent.com Software envoy / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? Origin https://www.rafflecopter.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 07 Apr 2020 22:53:58 GMT via 1.1 google server envoy access-control-allow-headers X-Requested-With status 200 access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.rafflecopter.com access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store access-control-allow-credentials true x-envoy-upstream-service-time 0 alt-svc clear content-length 1
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	34 KB 11 KB	86ms 29ms	Script text/javascript	23.213.164.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.rafflecopter.com URL: https://www.rafflecopter.com/rafl/display/e4c992cd29/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-149.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id EEryoP57M4BXSHtGt9JFNoNG_YhGzXxp Content-Encoding gzip x-amz-request-id 5B64FB7E0A29A18E x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Tue, 07 Apr 2020 22:53:59 GMT Connection keep-alive Content-Length 10905 x-amz-id-2 cyhtZzUMRRH+3azNobhgA/owi1TOIrHigGwio+Vd/0CCKLcw4WcCHJh++0vWdWKuZdO/e9F4VUU= Last-Modified Wed, 01 Apr 2020 18:03:06 GMT Server AmazonS3 ETag "9884704eb3fc99427eb5b90c4bbab62c" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	page.gif track.customer.io/events/	36 B 211 B	143ms 114ms	Image image/gif	35.227.225.220 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&s=b789d89f-296a-f192-822b-49c2e3584385&c=&site_id=18257bddda840ffdf640&timestamp=1586300039542 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.225.220 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 220.225.227.35.bc.googleusercontent.com Software / Resource Hash c81b7e9e73c457ba64106f312dade57cfe8ad02ef7b9751c8b6d73a6288f4009 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 07 Apr 2020 22:53:59 GMT via 1.1 google content-type image/gif status 200, 200 OK cache-control no-cache, no-store, must-revalidate, max-age=0 content-transfer-encoding binary content-disposition attachment alt-svc clear content-length 36
GET H/1.1	200 OK	default.css customizer-css.rafflecopter.com/-/02f6849/classic/ Frame DB18	70 KB 70 KB	110ms 20ms	Stylesheet text/css	13.224.194.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://customizer-css.rafflecopter.com/-/02f6849/classic/default.css Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/classic/02f6849/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-11.fra2.r.cloudfront.net Software nginx/1.4.5 / Express Resource Hash 4cf1217b7b7da0a6094f594d6d31c21d31b6c85c976d8e7fe803158c3d968fe6 Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 06 Apr 2020 22:16:23 GMT Via 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront) ETag W/"11777-3874857257" Server nginx/1.4.5 Age 88656 X-Powered-By Express Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css; charset=utf8 Cache-Control max-age=31556900, s-maxage=604800; X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Content-Length 71543 X-Amz-Cf-Id wDl1bcoBZJbqAUrVvKRk5mrq9-eLkuWmQ_XGXXjRsvozRH9ViVQ9mw== Expires Thu, 01 Dec 2016 20:00:00 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/ Frame DB18	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/classic/02f6849/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4ea520a2efe581657e49d56aaa121073fdf8e4ca2ed70cccc2bcda0f7e9ab53b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 XFdSALuXQ0HeonHEadFhmA== status 200 date Tue, 07 Apr 2020 22:53:59 GMT, Tue, 07 Apr 2020 22:53:59 GMT expires Tue, 07 Apr 2020 23:10:55 GMT alt-svc h3-27=":443"; ma=3600 content-length 1780 x-fb-debug tHBzTVU5s0R+qKKFdPwPnoSpzY7xSErp7emHFYfr1fAoy4qm/vCEDRCH8x4Ozda42ShbgbWZ9VHd3NB3HGh4rw== x-fb-trip-id 1850256238 x-fb-content-md5 b252e40da008d88043dfd16c8f9b28bd etag "2ac5aae344538250d41d49863326c632" x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H/1.1	200 OK	fb-min.png d1bg42r4siwejx.cloudfront.net/ Frame DB18	1 KB 2 KB	89ms 20ms	Image image/png	13.225.87.30 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1bg42r4siwejx.cloudfront.net/fb-min.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.30 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-30.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 39df299896edba64a8ee29f14d9f2a9441594d6d5e1541b3d846737122464d69 Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 07 Apr 2020 05:54:13 GMT Via 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront) Last-Modified Thu, 25 Jul 2019 14:24:02 GMT Server AmazonS3 Age 61187 ETag "3aaa41124a1231a77feeb05813fe1226" X-Cache Hit from cloudfront Content-Type image/png X-Amz-Cf-Pop FRA2-C2 Connection keep-alive Accept-Ranges bytes Content-Length 1188 X-Amz-Cf-Id AFrBlV9FRcC6dCQk9apvpIeKqyKOsRgyIBcXWbeqJ8olWbem3Vp7hA==
GET H2	200	sdk.js Show response connect.facebook.net/en_US/ Frame DB18	388 KB 114 KB	17ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=3173994a0bb9aaac6bd5d76c2ce22662&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7784ee99ffa9833c4c8935c133fa5552037376752fa79281410016bfd3f6669e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html Origin https://widget-prime.rafflecopter.com Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 QJeweECjWZ1+6vUZKSd8qg== status 200 date Tue, 07 Apr 2020 22:53:59 GMT, Tue, 07 Apr 2020 22:53:59 GMT expires Wed, 07 Apr 2021 22:50:55 GMT alt-svc h3-27=":443"; ma=3600 content-length 115910 x-fb-debug EWPN3DL11UIrDX+rAlST+WbrgNS/5bm1JmMRomKJ4/O/sOL277Ro8AcRZptY7+g/h7xoyIRQ02TE0DP9BnV1gQ== x-fb-trip-id 1850256238 x-fb-content-md5 d78d410f937e36f2e149643a47ac270f etag "732a17baaf57db4c46f43c8fbae663c9" x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/GMHKO672IFDXXL2J6IGA2A/index.js https://s.adroll.com/j/exp/index.js	28 B 747 B	35ms 35ms	Script application/javascript	23.213.164.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-149.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id oJIzvk_mmLAXF5iekxvT5NnrQtQSmq7M Content-Encoding gzip x-amz-request-id CC0F73FCFF952524 x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Tue, 07 Apr 2020 22:53:59 GMT Connection keep-alive Content-Length 48 x-amz-id-2 l2SuY/Zqhw+xyJkj7InfvqoJzNpqh9IGnRBj0DT2XibyJ/lFEH5SE9WbzHsCVnMaz+lknVzoYg8= Last-Modified Thu, 02 Apr 2020 22:43:50 GMT Server AmazonS3 ETag "5816cced8568d223aa09d889f300692b" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers Date Tue, 07 Apr 2020 22:53:59 GMT Server AkamaiGHost Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Location https://s.adroll.com/j/exp/index.js Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/	0 773 B	91ms 34ms	Script text/javascript	23.213.164.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-149.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id JC_UAB7lkTXf1HjJXZ_FmLCO6uGce5tx Content-Encoding gzip x-amz-request-id 1E3452482B46BB65 x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Tue, 07 Apr 2020 22:53:59 GMT Connection keep-alive Content-Length 20 x-amz-id-2 22GVQZEMRUCUvhGVF4w7zAUUVcKMWuO2QgAZBIPO5Kxe40D7PPCAETof6Ib87Nnn3dn63oEN2EE= Last-Modified Tue, 07 Apr 2020 15:33:09 GMT Server AmazonS3 ETag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	/ Show response d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/ Redirect Chain https://d.adroll.mgr.consensu.org/consent/iabcheck/GMHKO672IFDXXL2J6IGA2A?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2 https://d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2	113 B 581 B	34ms 33ms	Script application/javascript	52.30.46.216 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.46.216 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-46-216.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash f6a332b0c74a6f257a7102f86013137da34a93c58e305bada56fc57fdc12988d Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 07 Apr 2020 22:53:59 GMT server nginx/1.16.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 200 cache-control no-store, no-cache, must-revalidate content-type application/javascript content-length 113 Redirect headers status 302 date Tue, 07 Apr 2020 22:53:59 GMT server nginx/1.16.1 content-length 105 location https://d.adroll.com/consent/check/GMHKO672IFDXXL2J6IGA2A/?_s=20bdb80c1562a7f116deb3402f6371ee&_b=2
GET H/1.1	200 OK	main.html widget-prime.rafflecopter.com/classic/02f6849/ Frame DB18	1 KB 1 KB	20ms 20ms	Image text/html	143.204.97.118 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://widget-prime.rafflecopter.com/classic/02f6849/main.html Requested by Host: widget-prime.rafflecopter.com URL: https://widget-prime.rafflecopter.com/classic/02f6849/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.97.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-97-118.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://widget-prime.rafflecopter.com/classic/02f6849/main.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sat, 07 Mar 2020 07:18:23 GMT Content-Encoding gzip Age 2734537 X-Cache Hit from cloudfront Connection keep-alive Content-Length 614 Last-Modified Thu, 25 Jul 2019 14:37:19 GMT Server AmazonS3 ETag "8cbf7434431bd818e8449c8ea347efa4" Content-Type text/html Via 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront) Cache-Control max-age=31556900, s-maxage=31556900 X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes X-Amz-Cf-Id gPYNiXHoXocjMmlKrzpROgQg9VHajfdugztd83Jzymq-Juk9kHQIvA== Expires Fri Jul 24 2020 08:37:10 GMT-0600 (MDT)
GET H/1.1	200 OK	OGA5LFWPVFASVJRYK5IB2G.js Show response s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/ Redirect Chain https://d.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c99... https://s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/OGA5LFWPVFASVJRYK5IB2G.js	4 KB 2 KB	36ms 36ms	Script text/javascript	23.213.164.149 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/OGA5LFWPVFASVJRYK5IB2G.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-149.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 7e13f25aba70e794aa9f8a076c45610f12cac4e0221cd79129fc86d350b9bfa2 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id hXrz4WyXDOfu84tkFtYYgLBT.gDSKXZ1 Content-Encoding gzip x-amz-request-id D026A359461067D1 x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Tue, 07 Apr 2020 22:53:59 GMT Connection keep-alive Content-Length 1487 x-amz-id-2 r8nHdZ9Y9QBOoNzHxGHYs66snC4mTElXIouWXwKyieF6JBOA+5P9ldCsqm7BKVEXVRjAoB7sCZw= Last-Modified Tue, 04 Feb 2020 01:57:03 GMT Server AmazonS3 ETag "a5d4fd0c854a78e3a6387830910e1f39" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers date Tue, 07 Apr 2020 22:53:59 GMT x-segment-display-name Visitors to Unsegmented Pages p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 content-length 0 pragma no-cache x-conversion-value 0.00 server nginx/1.16.1 x-rule * x-segment-eid OGA5LFWPVFASVJRYK5IB2G location https://s.adroll.com/pixel/GMHKO672IFDXXL2J6IGA2A/AOAMV6UOVVCXZAZHIPBWE6/OGA5LFWPVFASVJRYK5IB2G.js cache-control no-store, no-cache, must-revalidate x-pixel-eid AOAMV6UOVVCXZAZHIPBWE6 x-segment-name * x-advertisable-eid GMHKO672IFDXXL2J6IGA2A x-conversion-currency
GET H2	200	747428811997279 Show response connect.facebook.net/signals/config/	447 KB 112 KB	352ms 351ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/747428811997279?v=2.9.15&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bf51a07c922e1ba90cf0ca149942976acbb60991c1d2d79cc6fd27a241a1db81 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug SkXLiOiQLXDf/xMYK0bUSMMTly8VeLh33jC4NI0Qt2G1YH9196sOxQ0aaN+TlTWApz3QUlnMcXdS9k9reKnSYw== x-fb-trip-id 1850256238 date Tue, 07 Apr 2020 22:54:00 GMT, Tue, 07 Apr 2020 22:54:00 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/aol/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO67... https://pixel.advertising.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://pixel.advertising.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true https://ups.analytics.yahoo.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab5d5211-7922-11ea-9499-02...	0 977 B	74ms 31ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab5d5211-7922-11ea-9499-02de1677167c Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.106 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 07 Apr 2020 22:53:59 GMT Server ATS/7.1.2.106 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers status 302 date Tue, 07 Apr 2020 22:53:59 GMT strict-transport-security max-age=31536000 content-length 0 location https://ups.analytics.yahoo.com/ups/55980/sync?uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab5d5211-7922-11ea-9499-02de1677167c p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Redirect Chain https://d.adroll.com/cm/index/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039&C=1	43 B 1003 B	41ms 41ms	Image image/gif	23.213.165.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-44.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Apr 2020 22:53:59 GMT Server Apache P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 07 Apr 2020 22:53:59 GMT Redirect headers Pragma no-cache Date Tue, 07 Apr 2020 22:53:59 GMT Server Apache P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expiration=1617836039&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 333 Expires Tue, 07 Apr 2020 22:53:59 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://d.adroll.com/cm/n/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expires=365	0 239 B	107ms 27ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expires=365 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Cache-Control no-cache,no-store,must-revalidate Content-Type image/gif P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Expires 0 Redirect headers pragma no-cache date Tue, 07 Apr 2020 22:53:59 GMT server nginx/1.16.1 location https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&expires=365 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 124
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Redirect Chain https://d.adroll.com/cm/outbrain/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GM... https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&rdrctExp=true	0 450 B	91ms 90ms	Image text/plain	64.202.112.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&rdrctExp=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-TraceId 35c3a82361b1b516f2b2c8aa8c28d601 Date Tue, 07 Apr 2020 22:54:00 GMT Content-Length 0 Redirect headers Location https://sync.outbrain.com/cookie-sync?p=adroll&uid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&rdrctExp=true Date Tue, 07 Apr 2020 22:54:00 GMT X-TraceId d74b8a65b624f8eeb1615603a15de450 Content-Length 0
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Redirect Chain https://d.adroll.com/cm/pubmatic/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GM... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...	1 B 1010 B	83ms 20ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Apr 2020 22:53:59 GMT X-lat Pug23025:0:251 Server Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 Cache-Control no-store, no-cache, private P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" X-Cnection close Content-Type text/html; charset=utf-8 Content-Length 1 Redirect headers pragma no-cache date Tue, 07 Apr 2020 22:53:59 GMT server nginx/1.16.1 location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 220
GET H2	200	in d.adroll.com/cm/r/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA	42 B 500 B	34ms 34ms	Image image/gif	52.30.46.216 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.46.216 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-46-216.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 07 Apr 2020 22:53:59 GMT server nginx/1.16.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 200 cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 Redirect headers date Tue, 07 Apr 2020 22:53:59 GMT referrer-policy no-referrer-when-downgrade server ATS age 0 location https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 p3p policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" status 302 x-content-type-options nosniff content-length 0 x-xss-protection 1; mode=block
GET H2	204	/ trc.taboola.com/sg/adroll-network/1/rtb-h/ Redirect Chain https://d.adroll.com/cm/taboola/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMH... https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE	0 280 B	82ms 35ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 9 date Tue, 07 Apr 2020 22:54:00 GMT via 1.1 varnish server nginx x-timer S1586300040.030824,VS0,VE9 x-served-by cache-hhn4048-HHN x-cache MISS status 204 accept-ranges bytes x-cache-hits 0 Redirect headers pragma no-cache date Tue, 07 Apr 2020 22:53:59 GMT server nginx/1.16.1 location https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 111
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://d.adroll.com/cm/triplelift/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=... https://eb2.3lift.com/xuid?mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=	37 B 352 B	23ms 23ms	Image image/gif	35.157.108.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.108.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-108-20.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 07 Apr 2020 22:54:00 GMT cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" content-length 37 content-type image/gif Redirect headers status 302 date Tue, 07 Apr 2020 22:54:00 GMT cache-control no-cache, no-store, must-revalidate content-length 0 location /xuid?ld=1&mid=4714&xuid=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy= p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://x.bidswitch.net/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE	43 B 378 B	32ms 32ms	Image image/gif	52.59.143.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.143.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-143-82.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 07 Apr 2020 22:54:01 GMT cache-control no-cache, no-store, must-revalidate p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers status 302 date Tue, 07 Apr 2020 22:54:01 GMT cache-control no-cache, no-store, must-revalidate content-length 0 location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://ib.adnxs.com/setuid?entity=172&code=Y2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DY2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE	43 B 1 KB	14ms 13ms	Image image/gif	185.33.223.202 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DY2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Apr 2020 22:54:03 GMT AN-X-Request-Uuid 47de3570-8701-44d9-9522-7fc22b464cb8 Content-Type image/gif Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.217.171.12; 185.217.171.12; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80 Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 07 Apr 2020 22:54:03 GMT AN-X-Request-Uuid da3f009a-4ecc-496a-add2-3649a3dccf7d Content-Type text/html; charset=utf-8 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DY2Q0ZjRhMmRiY2EzOWMwYzI4NGVmOGQxZDM5MzQ2NTE Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 185.217.171.12; 185.217.171.12; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.40:80 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	377928.gif idsync.rlcdn.com/ Redirect Chain https://d.adroll.com/cm/l/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://idsync.rlcdn.com/377928.gif?partner_uid=cd4f4a2dbca39c0c284ef8d1d3934651	0 62 B	159ms 120ms	Image text/plain	35.190.72.21 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/377928.gif?partner_uid=cd4f4a2dbca39c0c284ef8d1d3934651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 21.72.190.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 204 date Tue, 07 Apr 2020 22:54:00 GMT via 1.1 google alt-svc clear Redirect headers pragma no-cache date Tue, 07 Apr 2020 22:54:00 GMT server nginx/1.16.1 location https://idsync.rlcdn.com/377928.gif?partner_uid=cd4f4a2dbca39c0c284ef8d1d3934651 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 86
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://us-u.openx.net/w/1.0/sd?id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651 https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651	43 B 183 B	20ms 20ms	Image image/gif	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.183.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 07 Apr 2020 22:54:00 GMT via 1.1 google server OXGW/16.183.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" status 200 cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Tue, 07 Apr 2020 22:54:00 GMT via 1.1 google server OXGW/16.183.0 location https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=cd4f4a2dbca39c0c284ef8d1d3934651 p3p CP="CUR ADM OUR NOR STA NID" status 302 alt-svc clear content-length 0
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=20ba17ef75e9c9331fd9d86dcfeedc83-1586300039742&arrfrr=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&xid_ch=f&advertisable=GMHKO672I... https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=zU9KLbyjnAwoTvjR05NGUQ https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=zU9KLbyjnAwoTvjR05NGUQ&google_tc= https://d.adroll.com/cm/g/in	42 B 536 B	32ms 32ms	Image image/gif	52.30.46.216 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.46.216 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-46-216.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 07 Apr 2020 22:54:00 GMT server nginx/1.16.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 200 cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Tue, 07 Apr 2020 22:54:00 GMT server HTTP server (unknown) location https://d.adroll.com/cm/g/in p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 248 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=747428811997279&ev=PageView&dl=https%3A%2F%2Fwww.rafflecopter.com%2Frafl%2Fdisplay%2Fe4c992cd29%2F%3F&rl=&if=false&ts=1586300040199&cd[segment_eid]=CJOUOJW6CNFITFAAAVKY4Z%2CGXTZMCVQDBDN5NHSQKYZT4%2COGA5LFWPVFASVJRYK5IB2G&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=0&o=29&fbp=fb.1.1586300040199.1478290330&it=1586300039057&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.rafflecopter.com/rafl/display/e4c992cd29/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 07 Apr 2020 22:54:00 GMT, Tue, 07 Apr 2020 22:54:00 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Tue, 07 Apr 2020 22:54:00 GMT