sweepstakessurvey.org Open in urlscan Pro
2606:4700:20::681a:fd7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_ca...
Effective URL:
https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485...
Submission: On November 19 via manual (November 19th 2021, 6:30:54 pm UTC) from KR — Scanned from DE

Summary HTTP 90 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 90 HTTP transactions. The main IP is 2606:4700:20::681a:fd7, located in United States and belongs to CLOUDFLARENET, US. The main domain is sweepstakessurvey.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.

This is the only time sweepstakessurvey.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:20:... 2606:4700:20::681a:c39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3033::6815:1c0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	139.45.197.253 139.45.197.253	9002 (RETN-AS) (RETN-AS)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
29	2606:4700:20:... 2606:4700:20::681a:fd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
90	11

11 2606:4700:20::681a:c39 (United States)

ASN13335 (CLOUDFLARENET, US)

profitedsurvey.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:1c0a (United States)

ASN13335 (CLOUDFLARENET, US)

tagstaticx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

itcleffaom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lehtymns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

ugyplysh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Groet, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

tagdataxrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::681a:fd7 (United States)

ASN13335 (CLOUDFLARENET, US)

sweepstakessurvey.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	sweepstakessurvey.org sweepstakessurvey.org	285 KB
11	profitedsurvey.online profitedsurvey.online	163 KB
7	propeller-tracking.com propeller-tracking.com	8 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
3	rtmark.net my.rtmark.net	2 KB
2	yandex.ru mc.yandex.ru Failed	65 KB
2	in-page-push.net in-page-push.net	5 KB
1	tagdataxrt.com tagdataxrt.com Failed
1	lehtymns.com lehtymns.com	2 KB
1	ugyplysh.com ugyplysh.com	258 B
1	itcleffaom.com itcleffaom.com	654 B
1	tagstaticx.com tagstaticx.com	20 KB
0	google.com Failed www.google.com Failed
0	googlesyndication.com Failed pagead2.googlesyndication.com Failed
90	14

	Domain	Requested by
29	sweepstakessurvey.org	lehtymns.com sweepstakessurvey.org
11	profitedsurvey.online	profitedsurvey.online
7	propeller-tracking.com	profitedsurvey.online propeller-tracking.com sweepstakessurvey.org
5	mc.yandex.com	2 redirects sweepstakessurvey.org
3	my.rtmark.net	profitedsurvey.online tagstaticx.com lehtymns.com sweepstakessurvey.org
2	mc.yandex.ru	profitedsurvey.online sweepstakessurvey.org
2	in-page-push.net	profitedsurvey.online
1	tagdataxrt.com	tagstaticx.com
1	lehtymns.com	profitedsurvey.online
1	ugyplysh.com	profitedsurvey.online
1	itcleffaom.com	profitedsurvey.online
1	tagstaticx.com	profitedsurvey.online
0	www.google.com Failed
0	pagead2.googlesyndication.com Failed	tagstaticx.com
90	14

This site contains links to these domains. Also see Links.

Domain
lehtymns.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-22` - `2022-11-06`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
itcleffaom.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
in-page-push.net R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
ugyplysh.com R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
lehtymns.com R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
tagdataxrt.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-09` - `2022-03-09`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Frame ID: 6D0F123CBEDB65B26E7C5C1F20C14A8E
Requests: 89 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dear user

Page URL History Show full URLs

https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98... Page URL
https://lehtymns.com/4533056/?var=4493500&request_var=1309_156444&var3=485629142082786114 Page URL
https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f... Page URL

Page Statistics

90
Requests

66 %
HTTPS

40 %
IPv6

14
Domains

14
Subdomains

11
IPs

4
Countries

549 kB
Transfer

1372 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lehtymns.com/4180207/?var=4533056&ymid=4493500

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2 Page URL
https://lehtymns.com/4533056/?var=4493500&request_var=1309_156444&var3=485629142082786114 Page URL
https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9462.BhVUXkb1mwy0q3mZC444YxoyFrJR0KQuqAJl46cjY4d320JAmgNNWeHNvG7b1uPs.pWByduKV_uwSZ8xq9rc4KgeHPsc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9462.W6dTVVgg5AYVuubEbnWzt5bcMBnaE-9_MayaB0XhKkRWqeilSkpJ1LsVsh3lnUVF9pWskWTfKwg1QBO9fDkAZA%2C%2C.s4m6orllTMnGGvqWF2gqJtoaeuI%2C

Request Chain 87

https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D7cf88d0170944dea8f23f42d0ecf6c1c%26s%3D485629632570483107%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A168%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A947537842771%3Ahid%3A361552091%3Az%3A0%3Ai%3A20211119183046%3Aet%3A1637346646%3Ac%3A1%3Arn%3A781036988%3Arqn%3A1%3Au%3A1637346646994792320%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637346646018%3Ads%3A17%2C27%2C62%2C1%2C1%2C0%2C%2C126%2C3%2C%2C%2C%2C240%3Adsn%3A16%2C28%2C62%2C0%2C1%2C0%2C%2C129%2C3%2C%2C%2C%2C239%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637346646%3At%3ADear%20user&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D7cf88d0170944dea8f23f42d0ecf6c1c%26s%3D485629632570483107%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A168%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A947537842771%3Ahid%3A361552091%3Az%3A0%3Ai%3A20211119183046%3Aet%3A1637346646%3Ac%3A1%3Arn%3A781036988%3Arqn%3A1%3Au%3A1637346646994792320%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637346646018%3Ads%3A17%2C27%2C62%2C1%2C1%2C0%2C%2C126%2C3%2C%2C%2C%2C240%3Adsn%3A16%2C28%2C62%2C0%2C1%2C0%2C%2C129%2C3%2C%2C%2C%2C239%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637346646%3At%3ADear%20user&t=gdpr%2814%29ti%282%29

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 finance-survey.html Show response
profitedsurvey.online/ 4 KB
2 KB 101ms
72ms Document
text/html 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ae2b5f8874ad6448376299c4c02bd9cbc4ce1badd521b4b337e48637b24e46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-type: text/html
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvvVqfryvOwa6tJN0JGlpEhuZ%2BDsWxEKVlt2RTV4vKPQt0YXxBjoZyx%2BSIyGiVdlgiK0NDmxuDrXAq8CPev11ZRkwUfyxYLrPQ8C8BqJE2Ir2OF50CRLt3P3B2qBk5KNQVd4EHtnv5cRjTpwVVmn3QGW0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b0b82f6dae66957-FRA
content-encoding: br

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 45ms
12ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 773d7d03af9bc619ea88b0b4c125bc66
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 rtc.js Show response
profitedsurvey.online/js/data/ 11 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/js/data/rtc.js
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6993
cf-polished: origSize=15077
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-3ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDCeHg1sypr4gLAbX%2B1eQbuWBhAw5H1DMzEPGPyLd3I5y%2BJd%2F8QQouXy8WicvoMUmyMY%2BnGTrVOgvdpPKL8%2FQ%2BTqIvlERB49gybUYPP93xGmasGlvWJmT4DabzuU%2FUt%2FiNxnZZ%2F9mFZERWskuhFZb7bemw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b0b82f76ca36957-FRA
cf-bgj: minify

GET
H2 200 config.js Show response
profitedsurvey.online/js/ 62 KB
19 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/js/config.js
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f434ef1b8720f39f6ccc969b2d9c8fbf5850b78caa145e17b4f1149ec0aa7d6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 6993
etag: W/"61979a77-f803"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poCfQUVCRk5eF0TvTn79uP9TRXozV0EcdzlRORgkWT2mt66E2BFWoXUv5HTovmC6FrQmSWnkiPHdKeTZFZKOKk9byhorJ8pukIz%2FpUmi%2F%2FrkgUPN4h5tYr5GA4QmNq0bcR%2Fta67GqyoZ6xy75PElffyh5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82f76ca46957-FRA
cf-bgj: minify

GET
H2 200 survey.css
profitedsurvey.online/css/ 19 KB
5 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/css/survey.css
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e82abefb7f047ffecd1a09b10868ae7f49272fb06bf2013559afd325bd75f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6993
cf-polished: origSize=19903
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-4dbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMbKszV2meLkKq0FwZUu2qAeLCFfE27AELVgkJdLJiiux8A5gZGRNfVHDQnF9xK7DFXmwUXjgd3GsYElWWkm%2BeC9KEg2EoIfsFnSBkCLPayCeRbjYeaEkIfU42mDotgS5WBaogapbfUcZz2Fh8LRWfEI7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b0b82f76ca66957-FRA
cf-bgj: minify

GET
H2 200 style.css
profitedsurvey.online/css/ 33 KB
5 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/css/style.css?v=1
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b83e91c86f303d98ede9ff0b4700d0f68ebbd39370fa7b744b51d1e9e08135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6993
cf-polished: origSize=33802
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-840a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZNHytqxPX0Um5X136ZVyj%2FUne1Nixx2ORV0GJGRy5OHWnDdO7dvh8DL%2FeuwyyctO%2Ffyb4IEesji5VI9KzQU0zuvVBPDtzxmluI9w0eVFJ52cdaT6%2FiPyrzuxcLQukikJFakUWiYzJINZX6leXtiOnEOJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b0b82f76ca86957-FRA
cf-bgj: minify

GET
H2 200 icon-survey.svg
profitedsurvey.online/img/ 3 KB
1 KB 22ms
22ms Image
image/svg+xml 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitedsurvey.online/img/icon-survey.svg
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 6972
etag: W/"61979a77-c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zONuzE4TXd74cuuNejxEJS3BnQJinIdUkVg51P3yYZOS4ZCJH16fWf6H2r2zifWU6XzcwLOIu7MtMnROo7L4MCiXXGchijaIl9fmp1e3Vbp1L0Y4Wlz%2FIxhYjWq5LCjY2UCj359aW1lgy2dEZvnsfE5tCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82f7ad6d6957-FRA

GET
H2 200 survey-site.js Show response
profitedsurvey.online/js/ 3 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/js/survey-site.js
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ce1add3a481e1df35ca5c582f7b8cc2eb19779063dd89e66f2b142ef57cf3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 6973
etag: W/"61979a77-b23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccQ4ZVpFboTVK3rBtb4C2pzwLAWGE30MOIqM3ScnFg%2FKk6ihwna9HnE6K24LSlSCZ8M%2BaSboL0Y0gAHOZxJIGBVGsX6oDa2yVJYp8V6oTuoCFgAaYBKwrrkm5%2BS9AKVLBWNb%2FskInCEcWYP3zpXWWjxocQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82f7ad776957-FRA
cf-bgj: minify

GET
H2 200 survey.js Show response
profitedsurvey.online/js/ 277 KB
87 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/js/survey.js
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_156444&ymid=6197ecede98e930001ae1073&utm_campaign=1309_156444&utm_medium=4493500&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090a9a489bd045a5b847c526cab2c6010173d899f7eb43db3e825221220f4d46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6993
cf-polished: origSize=283886
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-454ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0N6jXJPrvv92jIFaPUhtrcaAN8or%2BZaGb%2B19Oe9UdyzXwOqsme4RZMmFKT0%2F4o4%2F85lae6SBtLpT%2FS7CQfHVE4it34ZtG%2FxzjvX%2BSHfvcqu%2Bkp9vp%2FHtIOXI%2B8jJQay6DyXy%2FRzyaBbROd0ntsY2E5yPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b0b82f7ad646957-FRA
cf-bgj: minify

GET
H2 200 sd-1203000.js Show response
profitedsurvey.online/js/data/ 11 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/js/data/sd-1203000.js
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ace813d678cdd8a91bfec6cb3efeb167b7334190b919b2f155768bf466952bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6749
cf-polished: origSize=20412
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-4fbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKddK%2BT5IkDT3a0za%2B85X5jygmAqjTEaWBS9bwoL6JKJm2NQyO8bnmWMphc4arLeOB%2Fv56X%2F%2FPznobzWbD99lvqdOtLYNSCAN3rdtd2SZ7KT8PMrlwKZRLi4LrpC6PCpW0PRVLnf17m2oLkhix3ryHc38A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b0b82f7ad796957-FRA
cf-bgj: minify

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
497 B 12ms
12ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vctx?t=82892

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 1d876e59447c174fc988b73f715969f3
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://profitedsurvey.online
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 micro.tag.min.js
profitedsurvey.online/pfe/current/ 131 KB
34 KB 60ms
54ms Script
application/javascript 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/pfe/current/micro.tag.min.js?z=4292862&sw=/sw/sw4292862.js&var=4493500&var_3=null&ymid=1309_156444&cdn=1&domain=ugyplysh.com
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-20bd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxwEqoSYK6%2F5jmgPp%2BEjjUCZtT6qeq4dz%2FHaoIjnBqH8nNLNaSJz1y0lCoL3KgDohZiOlU8sQrylnox26aZ08fCJH%2Bj7iLpRHidnW5yzXeBeOMiQeERNOPOko4hs%2FwjTeV4BaotZYokZU2esyMUQVIKGbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82f7ddfd6957-FRA

POST
H2 204 vbl
propeller-tracking.com/ 0
496 B 12ms
11ms Ping
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: e0c7d15d19790153a64ffde68fcc2421
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://profitedsurvey.online
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.js
tagstaticx.com/ 54 KB
20 KB 55ms
22ms Script
application/javascript 2606:4700:3033::6815:1c0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tagstaticx.com/tag.js
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1c0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Nov 2021 14:39:55 GMT
server: cloudflare
age: 4016
etag: W/"619665bb-d76b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noez80ns1wslB215jephbitozD%2BW3xHotVMjNqruzG1BwIS73jOKJR9T5K0rOaxq54Fr47uks9WimrFodzNI0uxUaHNKbgkDmnvu89JKpl17VC1DzOCu1ipmFHSQKm1%2BX5eJFHXB9%2FkGqADs%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82f83d153250-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gid.js
my.rtmark.net/ 65 B
549 B 50ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://profitedsurvey.online
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 track
itcleffaom.com/ 195 B
654 B 57ms
14ms XHR
application/json 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://itcleffaom.com/track?offer_id=2897&z=4493500&request_var=1309_156444&variable2=6197ecede98e930001ae1073

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: cd9e49b69158ad440736d5fed0e298d3
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://profitedsurvey.online
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 195
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 4292525
in-page-push.net/500/ 4 KB
2 KB 56ms
19ms XHR
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.net/500/4292525?var=4493500&ymid=1309_156444

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 44a0017986bd0c3f42152429727ea066
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://profitedsurvey.online
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 4326638
in-page-push.net/500/ 4 KB
2 KB 55ms
18ms XHR
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.net/500/4326638?var=4493500&ymid=1309_156444

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 838f21f9f3ad7f7135b94222d08fd074
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://profitedsurvey.online
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 en.json
profitedsurvey.online/js/comments/ 4 KB
1 KB 56ms
54ms XHR
application/json 2606:4700:20::681a:c39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://profitedsurvey.online/js/comments/en.json
Requested by: Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-11c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=El2dFHi6Ye6ms96zhZH%2F6Etg0Y3Z7MR%2ByRpQppgrh6PSpe1bATCILkGWze13ITEANGe%2FtowQbpwULiJBah%2Bb%2BXMuWAGN%2BvyasGQosemDCtcUPfhxmcjx%2FAVe9p1pYz0X9Lpx1ylGXRT8ly9PTr%2BRgqG1qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82f82ede6957-FRA

GET tag.js
mc.yandex.ru/metrika/ 0
0

GET cookie-consent-1.json
profitedsurvey.online/js/dict/ 0
0

POST
H2 200 zone
ugyplysh.com/ 0
258 B 57ms
25ms Ping
text/plain 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugyplysh.com/zone?pub=0&zone_id=4292862&is_mobile=false&domain=profitedsurvey.online&var=4493500&ymid=1309_156444&var_3=null&action=prerequest

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/pfe/current/micro.tag.min.js?z=4292862&sw=/sw/sw4292862.js&var=4493500&var_3=null&ymid=1309_156444&cdn=1&domain=ugyplysh.com

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 5e5fff3d3feb17f37bffa9164653683f
date: Fri, 19 Nov 2021 18:30:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-origin: https://profitedsurvey.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H2 200 /
lehtymns.com/4533056/ 2 KB
2 KB 55ms
18ms Document
text/html 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lehtymns.com/4533056/?var=4493500&request_var=1309_156444&var3=485629142082786114

Requested by

Host: profitedsurvey.online
URL: https://profitedsurvey.online/js/survey.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 19 Nov 2021 18:30:45 GMT
content-type: text/html; charset=utf8
x-trace-id: 7142f1bdf609fa3daa1da829ae227b1d
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://sweepstakessurvey.org>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip

HEAD adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

GET gid.js
my.rtmark.net/ 0
0

GET pix.jpg
tagdataxrt.com/ 0
0

GET version.js
tagdataxrt.com/ 0
0

GET googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 0
0

GET googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 0
0

GET googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 0
0

GET googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 0
0

GET googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 0
0

OPTIONS
H/1.1 200
OK add
tagdataxrt.com/ir/ 0
0 49ms
12ms Preflight 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdataxrt.com/ir/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Groet, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://profitedsurvey.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.19.10
Date: Fri, 19 Nov 2021 18:30:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://profitedsurvey.online
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

POST add
tagdataxrt.com/ir/ 0
0

GET 1yLj_b3yk5aEpd1AWvko3kPsZ1tCO6THMHZFQ3uuEnmwpC60OINTut0t3rIayuP4xjpVC7XMQ_hGkMn8HncrANX-98UVtHsX6pnMg91ShW6f01GAlWd4BVje3p5HpYuqXK1CVwioGi9jsa0ENZdymWTB1l7ho34ZxiJTeN1wkc9Wv3-xgQwArYfxUCv9y61Ieuoi3...
in-page-push.net/impression/ 0
0

GET fY_3kR0XKVtYlHaJbLYUOlvrcyN2ZI81GVo809ZLmcVu8O1BR4CQMRDCXUWvloShrt59oqt71vZO2z3cYSU5FnxEbHmhiipuIzrgeUe84A5O1UBjs7wxGG5eADmeZ4BmR2-J-8bYp2feSWCzYoyyQKfx0k82frB6AhPSyfZIpykk9iVMczKHiGzxiAELWoMpIBPh4...
in-page-push.net/impression/ 0
0

GET unnamed.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-1.png
profitedsurvey.online/img/comments/ 0
0

GET person-14.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-2.png
profitedsurvey.online/img/comments/ 0
0

GET person-4.jpeg
profitedsurvey.online/img/comments/ 0
0

GET person-5.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-6.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-8.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-3.png
profitedsurvey.online/img/comments/ 0
0

GET person-9.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-10.jpg
profitedsurvey.online/img/comments/ 0
0

GET person-11.jpeg
profitedsurvey.online/img/comments/ 0
0

GET person-12.jpeg
profitedsurvey.online/img/comments/ 0
0

GET person-13.jpg
profitedsurvey.online/img/comments/ 0
0

POST vb
propeller-tracking.com/ 0
0

POST
H2 200 img.gif
my.rtmark.net/ 43 B
505 B 20ms
19ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=7cf88d0170944dea8f23f42d0ecf6c1c

Requested by

Host: lehtymns.com
URL: https://lehtymns.com/4533056/?var=4493500&request_var=1309_156444&var3=485629142082786114

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lehtymns.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 Primary Request sweep.html Show response
sweepstakessurvey.org/ 5 KB
2 KB 108ms
62ms Document
text/html 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Requested by: Host: lehtymns.com
URL: https://lehtymns.com/4533056/?var=4493500&request_var=1309_156444&var3=485629142082786114
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ffb94beaf9568804311c0a767d9bb0ec988770b087ca5205bd13560a201bc00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-type: text/html
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e04M5HyUYHYS1SWpa%2BoWaiDRkyBHBd%2FwspFxPKF%2BRCrHtbR2DSJzDS5kOkDnAijffBhtKFv2nH2AGyXup9n0Hj8pgJAkaQYEvswN5dv4MSISZIBIEsjLuQyChCc2qcvlreMcQK5oSqRBCDnRmH%2B%2BppOozA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b0b82f9e9e85c20-FRA
content-encoding: br

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 12ms
12ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Requested by

Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: f87fead0ee4da9effff9c9b2e076910c
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 rtc.js Show response
sweepstakessurvey.org/js/data/ 11 KB
5 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/data/rtc.js
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6493
cf-polished: origSize=15077
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-3ae5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BqBLy25WI48%2F0H9T59%2BP1GkuVMMAZceXRe9odqZz%2BmpmZTRbuVWmTKAttMIbToGvRMbuTXFoLozRs3FREj6%2F%2Fs75M%2B7pzkbr9dP49DC0ZMnG9HCqhL9%2FLfstuxqZzaNDHRYTNJCUUEFGhATQ0r4QlCgYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b0b82fa6b3c5c20-FRA
cf-bgj: minify

GET
H2 200 config.js Show response
sweepstakessurvey.org/js/ 62 KB
19 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/config.js
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f434ef1b8720f39f6ccc969b2d9c8fbf5850b78caa145e17b4f1149ec0aa7d6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 6493
etag: W/"61979a77-f803"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bl7wvCAWGPP0%2BSE4tiizGSxGqtHAS0MJW0KWUzSaSn2M09T3h3XcZWkySEf4zF0hnUYM1XiElWSpB08swACShYbwR8pB8d98Ubzz%2FXvNT4HYcllRt2N%2BtNndIQfar6%2F9kgdj1TL9rFme8L8C4ZgnlBpQaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82fa6b3e5c20-FRA
cf-bgj: minify

GET
H2 200 survey.css
sweepstakessurvey.org/css/ 19 KB
5 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/css/survey.css
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e82abefb7f047ffecd1a09b10868ae7f49272fb06bf2013559afd325bd75f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6493
cf-polished: origSize=19903
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-4dbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bkam0UmLLFd3JlCUQLRk72XeS1DpFvmX1T6eiTLUIv4EZWlhEGTaMRHW%2BmC6m%2BJJKjXNPxwXIIcLAo3W2BDJPeIdwYA%2FmoZk4N02IRS94cR%2FcsDwgEPj6YNvv9wNWLHY9eHW2NxFNQjBLCrPWFLteaHcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b0b82fa6b3f5c20-FRA
cf-bgj: minify

GET
H2 200 sweep.css
sweepstakessurvey.org/css/ 8 KB
2 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/css/sweep.css
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d24acd503fccbf47e3ce8a567cac7f9dca11e78ae1344e85d8d817b9300cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6493
cf-polished: origSize=7884
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-1ecc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ5uIXOHdNWogtwNwCZJ57pvHjTGhp7TIsd8tiq3j6PjRefFxv2Ea0Zqp419EIehSFx26Zfl8Vsg3S6kJocUJ%2Bnl%2FkoHjwxmKByIInv0vSRakjQDssKceYRf%2BnMoq0E6vmMWSsQxLS8XegGsByZQpipHJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b0b82fa6b425c20-FRA
cf-bgj: minify

GET
H2 200 box_c.png
sweepstakessurvey.org/img/sweep/ 4 KB
4 KB 33ms
33ms Image
image/png 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/sweep/box_c.png
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cff9cd1c5becb5c7fc4332898e6e98066be2e9f389abc54db50836d660a03809

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 6630
etag: "61979a77-ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMrpMpnu7bw%2FD32qvCKicDPDPHgbsrkXC%2BzAJSYzhsJ2B15L7JjHY3OmjWRqqO013pFYutxnd7FHuLHzeZ4Hb3KytGmmp%2B53gzDRXsWBwMWg9BXAfKC3gfTtxqudO4hCT%2Bj6R2nSJBUHfkoxqXOWfzaX5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b0b82fa9bcc5c20-FRA
content-length: 3824

GET
H2 200 survey.js Show response
sweepstakessurvey.org/js/ 277 KB
87 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/survey.js
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090a9a489bd045a5b847c526cab2c6010173d899f7eb43db3e825221220f4d46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6443
cf-polished: origSize=283886
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-454ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIsdUoMz1NP8ZATYagZqAJW5sEFYEiNzoxEV%2FjoQv1mp6CLrm2Y1OP%2BPnf5A4XXn0lWzYUtIKnMNPUQ7DIw9za2ISfcWgP23REyHtQRdMrnEh0eVsrGKLxSIkbH7XQrLXcf6LUeKX%2FiWrYdopCOivHcCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b0b82fa8ba45c20-FRA
cf-bgj: minify

GET
H2 200 sweep.js Show response
sweepstakessurvey.org/js/ 2 KB
846 B 15ms
14ms Script
application/javascript 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/sweep.js
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b85cd1b30b56624555b19f2091ce88f865af29882cba4b763516a89fbd7aa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 6443
etag: W/"61979a77-617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw1VZjkdGoM61ZG09zUI0TyvBvNhicmeD6ATRXtIQc4fhD1uYM2tOdu%2BP0cVgBQ%2BcVgX%2Bmq%2Bw%2BHEs2pXsgylGbYSDA1CSvhbWG8l7iIxgIfrxklbyeYRBm8PhfMLQMR1IqSnEMZN27ZC6FzMG229bOl8CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82fa9bb15c20-FRA
cf-bgj: minify

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
496 B 13ms
13ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vctx?t=82892

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: d7452eba2747baf58ca68b7037f788a2
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://sweepstakessurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 sd-999901.js Show response
sweepstakessurvey.org/js/data/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/data/sd-999901.js
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d6f3f5f3e6052d69d3a32d218da607bc1eae6c633ff1481c5ca2c6f52e1718

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4766
cf-polished: origSize=7502
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-1d4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGXq%2FG9HE5sF7%2FIcmiyGsBr8PWkmFTLLH%2BbfNWRria5vTSPk1X%2Bny63GR1qbo0yZOY7QW6sYlCMqD4hIZTqI9wEcjD3MlfyGv2hNkLzLIN%2BKympqv9p0dfBbxaS5eZF3IDFdjBTqe7A5B4ykKU24zP9n2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b0b82fa9bd15c20-FRA
cf-bgj: minify

POST
H2 204 vbl
propeller-tracking.com/ 0
495 B 13ms
13ms Ping
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 1df3280a28da81ca0a218e332ab98b0c
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://sweepstakessurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
548 B 21ms
21ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/survey.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5a32986b98280e006ac9207c501d045b129587036b895390e8dfa1a4cb93cbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sweepstakessurvey.org
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 en-sweep.json Show response
sweepstakessurvey.org/js/comments/ 5 KB
1 KB 48ms
48ms XHR
application/json 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/comments/en-sweep.json
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/survey.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b799b20264b97b575e4c6cd9aa8dbc1723fc9de24f6ba796e4afb8c41909d42

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-12fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Bas6SJKKFulSKhi7jGMdyufdZqenkRvncEPq2RkcvOuCf15zo5Z0cREHEhVlN9gITjM8BTQk%2BpCcmcWzYmmV3e%2Bg5%2BdsPpAf%2FdyN4G4y%2B3cTOSsBuNDv5%2FXKXuMpdpVggq3yj5fe7opKJmz4EYpHb010g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82fb1d375c20-FRA

GET
H2 200 tokens10k.png
sweepstakessurvey.org/img/sweep/ 65 KB
65 KB 16ms
16ms Image
image/png 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/sweep/tokens10k.png
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
age: 5984
etag: "61979a77-1043e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7xvmyr7wLVkWw98sokfZ6sPV%2FeOhh5LWuWzDTwPgA%2B2WQmX%2F1sDKlBX5o8fMmbrKuOaNpnlF076UD5XSDzAxlsXVReYXkJAhMkx1g6iYZNtuUWn2t1jsKyblndNhR43WgZmoV9gFn9L346epSDQCp%2Fjzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b0b82fb1d385c20-FRA
content-length: 66622

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 36ms
36ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 12:17:49 GMT
etag: "6194c8bd-101bc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65980
expires: Fri, 19 Nov 2021 19:30:46 GMT

GET
H2 200 cookie-consent-1.json Show response
sweepstakessurvey.org/js/dict/ 4 KB
2 KB 58ms
57ms XHR
application/json 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sweepstakessurvey.org/js/dict/cookie-consent-1.json?v=1
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76bbe806b385849442561f6e3f5a4a33008004c3f9c35c2fcfeb099a140dcff

Request headers

Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: W/"61979a77-11dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGjYZ3mqsNyAR5VmRUzqxvyE5m41BwYKLqAO4daTLjc48pJbJ6MkwE0%2Bzzzq9gfKNGc4Up1b5K7OkfCI4RmfnxzaNIXCZa6Dud2yS8Okx9G3KJ5mJQA%2FwwL6cVTwD87RJIi3CmubhEgNfOLfj7gCnRdXZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b0b82fb2d3e5c20-FRA

GET
H2 200 unnamed.jpg
sweepstakessurvey.org/img/comments/ 1 KB
2 KB 24ms
16ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/unnamed.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 1378
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4qfONw7PcC5TKOvmEvwitgU51yVmvEQblLkVbgEG08y3%2Bj%2BADMTb9FRsVwMTX9AZCDk4j8P3%2BEjjxq%2FVAjLwVRuqA%2Bm78F7LehyjcI%2BjEcLWI9IZ69JMxhpyXvpCziB7%2B2W9TUZViS7VQ84H%2B%2FEU3Ca8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e345c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-1.jpg
sweepstakessurvey.org/img/comments/ 4 KB
4 KB 22ms
16ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-1.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 3900
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4zyeO0DdbwAFkva5fq9fAB5JT937gWFSdUw3eCKvff7eEjgRQjhxZqNpxkVaBEbn15%2FAp2ptpmvEO2lCWax7wI2Xh8QJl0JfmrN7wEksJGbM%2BKYruAxxkSc8GFdd1%2BrhK7yC4Gvoer9ferkYMNIXL3RnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e3b5c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-2.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 21ms
16ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-2.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6130
content-length: 1042
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtESrl9ILcCh0xbjo8S1UNkDneinXB6ijwyTwrdyS7KIQwddqLY2Kc%2B0ET0wwN33UAUE3ixB6uN8HCr3hwFtdegYCQ2Y%2Byf2dQtTzvofD8TeyiiAuOfBqxJ859anMZ6QHsv3tLFPQXu1zBMBvIsYp3LF4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e3d5c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-3.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 22ms
16ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-3.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6129
content-length: 1063
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FJqGTgeeT7szzToztg5Idyfp6vyRM7EjgvhgA2iT1S0xlRyGG5XuU6YcR1rocpRVPwAi3sW0au7A0DYA6BLKvYitsQUC2MjdHMFIWuhXYPIfDCFc0F5IzaumOVtBNjMzv2NI3YQGfHo7D7zw%2FwpgwKHjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e3e5c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-4.jpg
sweepstakessurvey.org/img/comments/ 4 KB
4 KB 26ms
21ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-4.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 3694
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-e6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhVg3glSHAVdHf2kZeJxjLJCoUCX1mhUbIlNNSkz3urK6G0pNIRnQ7TF6lN7hNPJQ%2FsJ%2BheU9EmYxX7EGJxlFOgiSM0Qf9PBE82lUqSWQ2UQVGYPgezCp%2BuifdV4LpS5IPQSKGYh6mrHwaw0J5Qj82fdGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e425c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-5.jpg
sweepstakessurvey.org/img/comments/ 3 KB
4 KB 22ms
17ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-5.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 3268
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnYj%2B4kbYTzAaGAJSOPA2Ij4NxM%2BW5tkDNdzJZDLvMsUsbqPx3Yqd5N7b2DlUmkWOsPhVuPEu4v9YKE%2FNKl%2Fs4489fq8n4XC4m9wMEKyIyUYY8%2FKz2NIpM1i6%2FEqNxf1RLUDA0rZQrumKF563FOkErV83g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e435c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-6.jpg
sweepstakessurvey.org/img/comments/ 10 KB
10 KB 24ms
19ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-6.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 10400
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-28a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FTE4paOEwvZXm3SZexTwOwYaqfTXdHZH5f%2Fi%2B9rjMWIsN0tcEIKSaq7xTKYLnx80sRYi2I1clvyi3muoVwUnSATXBZuhSITP9URf%2B%2BlszKl8XS4PuRn7tgnQ6ffOcr93lRzwVo6er3oPFj1jkAbKxlxHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e445c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-7.jpg
sweepstakessurvey.org/img/comments/ 11 KB
11 KB 23ms
19ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-7.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 10884
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-2a84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYif6wJeeY1If8%2FVamdYBVlMllY3QOyewUnwFfT5prEpiwByz56I%2B7e7ruK8bsCQja%2BNlcgAavmat74b6O%2BMI6nBUHugnrzRcs9LmeFVyxm5Fj8uMtD28dF9MzQ1C64gjeyUMg5bHpDbtW6JAfwOQQCqGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e465c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-8.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 23ms
18ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-8.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 1182
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-49e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfJOpycVyvNEMW8YIkzPZV5neUbAA8nslMTRJ%2FX%2BS2Ep0%2BCga85GUwHcjKJfv5Ej6ooutvuwaBEAjTcssokePSE1%2BrhN67a8LEIHbXJLxmD3p84XPZCwNaZoEo0jgI3jCXq%2FhV1mJE6sVm%2F6naI90d2G%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e485c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-9.jpg
sweepstakessurvey.org/img/comments/ 12 KB
12 KB 21ms
18ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-9.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5984
content-length: 11871
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-2e5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCeRuvDpGC5PbYmAvrQu1SNU0OILnm2D9oHTNzO8gT9Nku5zAyEf8o2e68iXW8EKrETNI0BiJXujOa4Y4Woq6evBGbQNa3JF%2FWDgUncek0xMbdIht5skXIDMxwIzstsKPr3as7bJit1k%2BqvBC3yf0G0eVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb8e4c5c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-10.jpg
sweepstakessurvey.org/img/comments/ 11 KB
11 KB 25ms
22ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-10.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 10828
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-2a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qmxPE2%2F5G2wHAdn8zyYtHlB4sKYA2a8RcZQ1EZqRLKEtRXUxlFSgtnjvOJdFqOhywTRKX0Ctrl8W%2BawDM18SievNPpMDIC1TTHQtjqquGfYgWjZgmsxVEoq%2BPcJQk9AKdpgadZ1g8nxGpQexL8EFJIYmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e5e5c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-11.jpg
sweepstakessurvey.org/img/comments/ 10 KB
11 KB 26ms
23ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-11.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 10636
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-298c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cZcqtmJJWYMUcz5R3zwVjEko7qmdqPFSXmTddQXRcWHQ6%2FCafn%2F6rg%2FqJQ%2FJE65nOifgqInYuSxiGpuxwH%2BE956nGFP8%2FLAohUJv5rG0eJuZVKzkbc0Q0WcmgR0DboZCEiDjUPqaWMArc6RL856Wx%2F%2FkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e615c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-12.jpg
sweepstakessurvey.org/img/comments/ 11 KB
11 KB 40ms
38ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-12.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 11188
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-2bb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU53yeTDG3ivP1PZ9sz%2FqpUnas78DkCJuCgmev%2B%2BhWVGUNg1FFRGsYPhS%2BU%2B5BM0a1GfWgjJ4oLnaGmnq2%2BcEK5IH5vqbDVY%2FpJbDWpuQQPPFPoJME8SOvHh0UY3jmImVXWqUwSDa2GdF23k0%2Bmk0QHUzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e635c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-13.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 24ms
21ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-13.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 1110
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-456"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=el5wukpKxanSGX9%2BS7xNOwzAOxTWjPbg170ygwG7Ab830rKJV%2FQYeMyBuEcn9F4VNBoV4XHQIZt6bCiQQMLZBmw3TkUJPg26INh2SOFJnMLcmqNL%2BfXpb8iMN6xHuCXuwAtPQWMWDiWQeycwtgVfqM3uMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e655c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-14.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 31ms
29ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-14.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 1146
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-47a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0JCGy%2BSZzQqJ9LCFAhYzWR5E7KZ%2Bwt8Bd5l3h2rP%2BiE0hq9feaQD3L15fJwA%2FkDy6d9jupuEv0mEf%2FqSPQhxYjGoZJWxAhUmLyi9j1CJbmX2uSK6tXa2JNdNp8DXW9NxtrVO48IDVmoNwiM7MAxi139Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e665c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-15.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 25ms
22ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-15.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 1067
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-42b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p08VaEg3W09f%2Fo%2BYQZiCiXaHlaPv2KeKVb29u%2FYFXaFiWF8zF5EOUN%2F3TUHGlLHDhP0wL8V1ToXXTdL4Qh80W2FtiO%2FAr0ZHtdZcQORmPUdLfQfYMlQ%2Bu8wc1y7N3wQMpX6nWNpdrD%2BH%2FXdrzjwPL12Stg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e675c20-FRA
cf-bgj: h2pri

GET
H2 200 person-sweep-16.jpg
sweepstakessurvey.org/img/comments/ 1 KB
1 KB 25ms
23ms Image
image/jpeg 2606:4700:20::681a:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sweepstakessurvey.org/img/comments/person-sweep-16.jpg
Requested by: Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=7cf88d0170944dea8f23f42d0ecf6c1c&s=485629632570483107&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6084
content-length: 1208
last-modified: Fri, 19 Nov 2021 12:37:11 GMT
server: cloudflare
etag: "61979a77-4b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kUJpv9KMAvnAI5J33wMdHZF26QV1R8U3Q9jHLD1RNJNzaHWfZL6OArGpWCSFEx4ICWkXUn19ilmO%2B3Vg%2F7QN68cNM1vD9rR9Dj3ASKLkppTHhhSRE0x7kebYeZaS4e%2FiIIC2ThnBoElRf1YcAMMxDcPyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b0b82fb9e695c20-FRA
cf-bgj: h2pri

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9462.BhVUXkb1mwy0q3mZC444YxoyFrJR0KQuqAJl46cjY4d320JAmgNNWeHNvG7b1uPs.pWByduKV_uwSZ8xq9rc4KgeHPsc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9462.W6dTVVgg5AYVuubEbnWzt5bcMBnaE-9_MayaB0XhKkRWqeilSkpJ1LsVsh3lnUVF9pWskWTfKwg1QBO9fDkAZA%2C%2C.s4m6orllTMnGGvqWF2gqJtoaeuI%2C

75 B
75 B

34ms
34ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9462.W6dTVVgg5AYVuubEbnWzt5bcMBnaE-9_MayaB0XhKkRWqeilSkpJ1LsVsh3lnUVF9pWskWTfKwg1QBO9fDkAZA%2C%2C.s4m6orllTMnGGvqWF2gqJtoaeuI%2C

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9462.W6dTVVgg5AYVuubEbnWzt5bcMBnaE-9_MayaB0XhKkRWqeilSkpJ1LsVsh3lnUVF9pWskWTfKwg1QBO9fDkAZA%2C%2C.s4m6orllTMnGGvqWF2gqJtoaeuI%2C
date: Fri, 19 Nov 2021 18:30:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 33ms
33ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:30:46 GMT
last-modified: Wed, 17 Nov 2021 12:17:49 GMT
etag: "6194c8bd-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 19 Nov 2021 19:30:46 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/66423859/
Redirect Chain

https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D7cf88d0170944dea8f23f42d0ecf6c1...
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D7cf88d0170944dea8f23f42d0ecf6...

331 B
413 B

33ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D7cf88d0170944dea8f23f42d0ecf6c1c%26s%3D485629632570483107%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A168%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A947537842771%3Ahid%3A361552091%3Az%3A0%3Ai%3A20211119183046%3Aet%3A1637346646%3Ac%3A1%3Arn%3A781036988%3Arqn%3A1%3Au%3A1637346646994792320%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637346646018%3Ads%3A17%2C27%2C62%2C1%2C1%2C0%2C%2C126%2C3%2C%2C%2C%2C240%3Adsn%3A16%2C28%2C62%2C0%2C1%2C0%2C%2C129%2C3%2C%2C%2C%2C239%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637346646%3At%3ADear%20user&t=gdpr%2814%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8f029db1b4f0d569434572a872eab1cf842a4743882cefd099e9f847efc435f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 18:30:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 19-Nov-2021 18:30:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sweepstakessurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Fri, 19-Nov-2021 18:30:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 18:30:46 GMT
last-modified: Fri, 19-Nov-2021 18:30:46 GMT
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D7cf88d0170944dea8f23f42d0ecf6c1c%26s%3D485629632570483107%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A168%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A947537842771%3Ahid%3A361552091%3Az%3A0%3Ai%3A20211119183046%3Aet%3A1637346646%3Ac%3A1%3Arn%3A781036988%3Arqn%3A1%3Au%3A1637346646994792320%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637346646018%3Ads%3A17%2C27%2C62%2C1%2C1%2C0%2C%2C126%2C3%2C%2C%2C%2C240%3Adsn%3A16%2C28%2C62%2C0%2C1%2C0%2C%2C129%2C3%2C%2C%2C%2C239%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637346646%3At%3ADear%20user&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://sweepstakessurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 19-Nov-2021 18:30:46 GMT

POST
H2 204 vbri
propeller-tracking.com/ 0
496 B 13ms
13ms Ping
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbri?t=82892&bid=undefined&aid=undefined&tp=2160

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: bee52c6d64ec5acf7d65822ef578a2b7
pragma: no-cache
date: Fri, 19 Nov 2021 18:30:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://sweepstakessurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/js/dict/cookie-consent-1.json?v=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Domain: my.rtmark.net
URL: https://my.rtmark.net/gid.js

Domain: tagdataxrt.com
URL: https://tagdataxrt.com/pix.jpg?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

Domain: tagdataxrt.com
URL: https://tagdataxrt.com/version.js?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

Domain: www.google.com
URL: https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Domain: www.google.com
URL: https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Domain: www.google.com
URL: https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Domain: www.google.com
URL: https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Domain: www.google.com
URL: https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Domain: tagdataxrt.com
URL: https://tagdataxrt.com/ir/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

Domain: in-page-push.net
URL: https://in-page-push.net/impression/1yLj_b3yk5aEpd1AWvko3kPsZ1tCO6THMHZFQ3uuEnmwpC60OINTut0t3rIayuP4xjpVC7XMQ_hGkMn8HncrANX-98UVtHsX6pnMg91ShW6f01GAlWd4BVje3p5HpYuqXK1CVwioGi9jsa0ENZdymWTB1l7ho34ZxiJTeN1wkc9Wv3-xgQwArYfxUCv9y61Ieuoi3HKJyjaaRK49JpQOlPJxBRqx4YPV5ICUhCY0WZJkEVlSC8oWb11pi82xX5Kr4VoDsCjDLLHqyPadQDas05ABX2SD-QkCdQYxsd7HmNySCTQtY6VfE7HXcHhuGTSid6h28ttkb4gEElkZ92bu10P2OA58sd09u7lHaXz_aik-xc-3pLWD-hhPTqBkWoymXSNKYGF5Wh1OTNikqCp_NG-pZO1rb3yhWiPTyA==?_z=4326638

Domain: in-page-push.net
URL: https://in-page-push.net/impression/fY_3kR0XKVtYlHaJbLYUOlvrcyN2ZI81GVo809ZLmcVu8O1BR4CQMRDCXUWvloShrt59oqt71vZO2z3cYSU5FnxEbHmhiipuIzrgeUe84A5O1UBjs7wxGG5eADmeZ4BmR2-J-8bYp2feSWCzYoyyQKfx0k82frB6AhPSyfZIpykk9iVMczKHiGzxiAELWoMpIBPh4lGHdsjy-CJlL-Y6qO5FjGChOaX53auJcPqTuzdDSPbUdJvy7xYy2lDH346RocTH9hKxLDMKXFnI4JvfY9aePs9suv8XeSWWoRJdZ1KLBYYYm5ZZQsmHXFMqYhp4lgQyjUwZQsSI4J_WDBUNfcNbkW2hxdcShv2pna1knJDn6GJ7myCXwqMoX0Y1tbJUIU7oPxa6e9qGe7cRCHcPxyYWO5acmpOGRe_j0w==?_z=4292525

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/unnamed.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-1.png

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-14.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-2.png

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-4.jpeg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-5.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-6.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-8.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-3.png

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-9.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-10.jpg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-11.jpeg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-12.jpeg

Domain: profitedsurvey.online
URL: https://profitedsurvey.online/img/comments/person-13.jpg

Domain: propeller-tracking.com
URL: https://propeller-tracking.com/vb?t=82892&bid=undefined&aid=undefined&tp=450.29999923706055

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-20 07:34:42	Name: ID Value: d6af8d4aff1849aebe369f199094508b
lehtymns.com/	1970-01-20 07:34:42	Name: OAID Value: 7cf88d0170944dea8f23f42d0ecf6c1c
lehtymns.com/	1970-01-20 07:34:42	Name: oaidts Value: 1637346645
.sweepstakessurvey.org/	1970-01-20 07:34:42	Name: _ym_uid Value: 1637346646994792320
.sweepstakessurvey.org/	1970-01-20 07:34:42	Name: _ym_d Value: 1637346646
.mc.yandex.com/	1970-01-19 22:49:07	Name: sync_cookie_csrf Value: 3382418241fake
.sweepstakessurvey.org/	1970-01-19 22:50:18	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 22:49:07	Name: sync_cookie_csrf Value: 3787747486fake
.yandex.com/	1970-01-20 07:34:42	Name: yandexuid Value: 3017183411637346646
.yandex.com/	1970-01-20 07:34:42	Name: yuidss Value: 3017183411637346646
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1230870461637346646
.yandex.com/	1970-01-23 14:25:06	Name: i Value: oe4UOp3/5yUmSyaMJpvL6wx4NsY3UfR6VIH9d8GFaIRfhx65ZdUEUQQdkRsYixGPkqdabLfjgwJQB6r+K2GBAsTRjss=
.yandex.com/	1970-01-20 07:34:42	Name: ymex Value: 1668882646.yrts.1637346646#1668882646.yrtsi.1637346646
.sweepstakessurvey.org/	1970-01-19 22:49:08	Name: _ym_visorc Value: b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	error	URL: https://profitedsurvey.online/js/survey.js Message: Blocked attempt to show a 'beforeunload' confirmation panel for a frame that never had a user gesture since its load. https://www.chromestatus.com/feature/5082396709879808
deprecation	warning	URL: https://tagstaticx.com/tag.js Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9462.W6dTVVgg5AYVuubEbnWzt5bcMBnaE-9_MayaB0XhKkRWqeilSkpJ1LsVsh3lnUVF9pWskWTfKwg1QBO9fDkAZA%2C%2C.s4m6orllTMnGGvqWF2gqJtoaeuI%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

in-page-push.net
itcleffaom.com
lehtymns.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
pagead2.googlesyndication.com
profitedsurvey.online
propeller-tracking.com
sweepstakessurvey.org
tagdataxrt.com
tagstaticx.com
ugyplysh.com
www.google.com
in-page-push.net
mc.yandex.ru
my.rtmark.net
pagead2.googlesyndication.com
profitedsurvey.online
propeller-tracking.com
tagdataxrt.com
www.google.com
139.45.195.8
139.45.197.237
139.45.197.238
139.45.197.240
139.45.197.253
2606:4700:20::681a:c39
2606:4700:20::681a:fd7
2606:4700:3033::6815:1c0a
2a02:6b8::1:119
37.48.68.71
090a9a489bd045a5b847c526cab2c6010173d899f7eb43db3e825221220f4d46
0ace813d678cdd8a91bfec6cb3efeb167b7334190b919b2f155768bf466952bd
0ffb94beaf9568804311c0a767d9bb0ec988770b087ca5205bd13560a201bc00
15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d
174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8
271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1
2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36
34b85cd1b30b56624555b19f2091ce88f865af29882cba4b763516a89fbd7aa0
3b799b20264b97b575e4c6cd9aa8dbc1723fc9de24f6ba796e4afb8c41909d42
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
46e82abefb7f047ffecd1a09b10868ae7f49272fb06bf2013559afd325bd75f5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
5a32986b98280e006ac9207c501d045b129587036b895390e8dfa1a4cb93cbca
5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b
64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904
64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414
65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8
7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85d24acd503fccbf47e3ce8a567cac7f9dca11e78ae1344e85d8d817b9300cc4
8f029db1b4f0d569434572a872eab1cf842a4743882cefd099e9f847efc435f0
92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6
93ae2b5f8874ad6448376299c4c02bd9cbc4ce1badd521b4b337e48637b24e46
9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030
9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951
a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c
b9b83e91c86f303d98ede9ff0b4700d0f68ebbd39370fa7b744b51d1e9e08135
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567
c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
c7d6f3f5f3e6052d69d3a32d218da607bc1eae6c633ff1481c5ca2c6f52e1718
ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e
cff9cd1c5becb5c7fc4332898e6e98066be2e9f389abc54db50836d660a03809
d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ce1add3a481e1df35ca5c582f7b8cc2eb19779063dd89e66f2b142ef57cf3a
e76bbe806b385849442561f6e3f5a4a33008004c3f9c35c2fcfeb099a140dcff
ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8
f434ef1b8720f39f6ccc969b2d9c8fbf5850b78caa145e17b4f1149ec0aa7d6e
f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a

sweepstakessurvey.org Open in urlscan Pro 2606:4700:20::681a:fd7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

90 Requests

66 %HTTPS

40 %IPv6

14 Domains

14 Subdomains

11 IPs

4 Countries

549 kBTransfer

1372 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sweepstakessurvey.org Open in urlscan Pro
2606:4700:20::681a:fd7 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

66 %
HTTPS

40 %
IPv6

14
Domains

14
Subdomains

11
IPs

4
Countries

549 kB
Transfer

1372 kB
Size

14
Cookies

90 HTTP transactions
0 data transactions