www.everydaywinner.com Open in urlscan Pro
40.121.91.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee644...
Submission: On June 08 via manual (June 8th 2020, 7:12:13 pm UTC) from US

Summary HTTP 98 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 98 HTTP transactions. The main IP is 40.121.91.199, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.everydaywinner.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 10th 2020. Valid for: a year.

This is the only time www.everydaywinner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	40.121.91.199 40.121.91.199	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.17.96.142 52.17.96.142	16509 (AMAZON-02) (AMAZON-02)
2 3	52.7.129.118 52.7.129.118	14618 (AMAZON-AES) (AMAZON-AES)
2 4	104.18.13.5 104.18.13.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.89.48 143.204.89.48	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	13.226.159.78 13.226.159.78	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 3	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.216.130.109 52.216.130.109	16509 (AMAZON-02) (AMAZON-02)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	208.118.62.69 208.118.62.69	7296 (ALCHEMYNET) (ALCHEMYNET)
98	21

63 40.121.91.199 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.everydaywinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.96.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-96-142.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.7.129.118 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-129-118.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.13.5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.48 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-48.fra50.r.cloudfront.net

pushpros.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-78.dus51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.53 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.130.109 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.118.62.69 (United States)

ASN7296 (ALCHEMYNET, US)

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	everydaywinner.com www.everydaywinner.com	1 MB
4	facebook.net connect.facebook.net	222 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	facebook.com www.facebook.com	381 B
3	gstatic.com fonts.gstatic.com	27 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	rdcdn.com 2 redirects rdcdn.com	522 B
2	snapchat.com tr.snapchat.com
2	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com	1 KB
2	yimg.com s.yimg.com	6 KB
2	bing.com bat.bing.com	8 KB
2	yahoo.com sp.analytics.yahoo.com	818 B
2	googleapis.com fonts.googleapis.com	2 KB
1	upsellit.com www.upsellit.com	10 KB
1	amazonaws.com s3.amazonaws.com	13 KB
1	sc-static.net sc-static.net	6 KB
1	pushpros.tech pushpros.tech	2 KB
1	criteo.net static.criteo.net	10 KB
1	adsrvr.org insight.adsrvr.org	260 B
1	fontawesome.com use.fontawesome.com	13 KB
98	21

	Domain	Requested by
63	www.everydaywinner.com	www.everydaywinner.com
4	connect.facebook.net	www.everydaywinner.com connect.facebook.net
3	ib.adnxs.com	2 redirects www.everydaywinner.com
3	www.facebook.com	connect.facebook.net www.everydaywinner.com
3	fonts.gstatic.com	www.everydaywinner.com
3	www.google-analytics.com	www.everydaywinner.com
3	rdcdn.com	2 redirects www.everydaywinner.com
2	tr.snapchat.com	sc-static.net
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	s.yimg.com	www.everydaywinner.com s.yimg.com
2	bat.bing.com	www.everydaywinner.com
2	a.tribalfusion.com	1 redirects www.everydaywinner.com
2	sp.analytics.yahoo.com	www.everydaywinner.com s.yimg.com
2	fonts.googleapis.com	www.everydaywinner.com
1	www.upsellit.com	www.everydaywinner.com
1	s3.amazonaws.com	www.everydaywinner.com
1	widget.us.criteo.com	www.everydaywinner.com
1	sslwidget.criteo.com	1 redirects
1	sc-static.net	www.everydaywinner.com
1	pushpros.tech	www.everydaywinner.com
1	static.criteo.net	www.everydaywinner.com
1	insight.adsrvr.org	www.everydaywinner.com
1	use.fontawesome.com	www.everydaywinner.com
98	23

This site contains no links.

Subject Issuer	Validity	Valid
*.everydaywinner.com Go Daddy Secure Certificate Authority - G2	`2020-02-10` - `2021-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-04` - `2020-08-31`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
rdcdn.com Amazon	`2020-04-16` - `2021-05-16`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-03` - `2020-10-09`	8 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
pushpros.tech Amazon	`2019-08-28` - `2020-09-28`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-19` - `2020-07-03`	a month	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2020-06-01` - `2020-08-30`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.upsellit.com DigiCert SHA2 Secure Server CA	`2017-07-12` - `2020-09-16`	3 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Frame ID: 035F9AF94C5BD4609DEDB23009C14246
Requests: 96 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2373c4ab-5ba3-49cf-a935-39ec24b326e2
Frame ID: 60E27BC8E2D80984E8EABD9254539F26
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: A3C4019F3F4E4288F8373FF6DDF5432C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

98
Requests

100 %
HTTPS

36 %
IPv6

21
Domains

23
Subdomains

21
IPs

7
Countries

1407 kB
Transfer

2493 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://rdcdn.com/rt?aid=5241&e=1&img=1 HTTP 302
https://rdcdn.com/eow HTTP 302
https://rdcdn.com/images/blank.gif

Request Chain 57

https://sslwidget.criteo.com/event?a=%5B51536%2C36673%2C36674%5D&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=everydaywinner.com&dtycbr=33998 HTTP 302
https://widget.us.criteo.com/event?a=%5B51536%2C36673%2C36674%5D&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=everydaywinner.com&dtycbr=33998

Request Chain 60

https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%222548689138%22%2C%22th%22%3A9174587802%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aamneMXVU2XVbNnTJ33UYS0sjrRG4qsY%22%2C%22url%22%3A%22https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D%22%2C%22clientName%22%3A%22Winner%22%2C%22clientID%22%3A765203%2C%22eventType%22%3A%22insights%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22homepage%22%7D HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=5357075312014830890&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662221016478509

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.everydaywinner.com/ 37 KB
13 KB 1202ms
677ms Document
text/html 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ PHP/5.6.40

Resource Hash

09268add7a7c529118bcdb5d1f9f9a23099d24ff08bd7864578b85979ed11e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.everydaywinner.com
:scheme: https
:path: /?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0,no-cache, no-store
pragma: no-cache
content-length: 12115
content-type: text/html; charset=UTF-8
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
set-cookie: PHPSESSID=q3e1mgp4ocvhsg4jrgh3tmkj14; path=/ primepub=disabled; expires=Mon, 08-Jun-2020 20:11:54 GMT; Max-Age=3600; path=/; domain=.everydaywinner.com arcamax=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 runPixOF=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 noMPStartTime=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 noMPMiddleTime=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 SESSION_EXPIRED=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 arcamax=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 SMSFlag=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 currentFunnel=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitID=g3wK342403; expires=Mon, 08-Jun-2020 20:41:54 GMT; Max-Age=5400; path=/; domain=.everydaywinner.com expireStamp=1591648914; expires=Mon, 08-Jun-2020 20:41:54 GMT; Max-Age=5400; path=/; domain=.everydaywinner.com uuid=6e118dc1-c499-4b56-ba37-e5e6603a55db; expires=Mon, 08-Jun-2020 21:11:54 GMT; Max-Age=7200; path=/; domain=.everydaywinner.com ARRAffinity=ca5124a274900efc763721701f6910ae2f308c1129e0435e6181e5e11577a4a6;Path=/;HttpOnly;Domain=www.everydaywinner.com
x-powered-by: PHP/5.6.40
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
date: Mon, 08 Jun 2020 19:11:54 GMT

GET
H2 200 modernizr.js Show response
www.everydaywinner.com/components/classes/ 17 KB
6 KB 146ms
141ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/components/classes/modernizr.js

Requested by

Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

389a8a8f2f10a5c250d94b11d78853411e1f5edcbfff42f9d3a30f0cade19b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 23 Jan 2019 19:21:03 GMT
etag: "80f9b6c750b3d41:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 6446
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 10 KB
863 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,700,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db7c0a6cb89b265157b466f9127b04e326a1ed2bd123a0a375a2aae73a82cf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Jun 2020 19:11:54 GMT
server: ESF
date: Mon, 08 Jun 2020 19:11:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jun 2020 19:11:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
924 B 17ms
13ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Jun 2020 19:06:02 GMT
server: ESF
date: Mon, 08 Jun 2020 19:11:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jun 2020 19:11:54 GMT

GET
H2 200 style.css
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/ 27 KB
6 KB 140ms
136ms Stylesheet
text/css 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/style.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ab56187eb268f6cab6eeb4b007bd6e5c42bf46917262377538daeddc5e86ce16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 16:38:51 GMT
etag: "805f553bce8d51:0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 6116
x-xss-protection: 1; mode=block

GET
H2 200 multi-btn.css
www.everydaywinner.com/layout/common/css/ 1 KB
650 B 145ms
141ms Stylesheet
text/css 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/layout/common/css/multi-btn.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7113dd2dedfc5f3f4cc0b12c89ced110723e4eff24c4a4d281cd82dbd430e723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 18:41:56 GMT
etag: "d3bf146942f6d51:0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 568
x-xss-protection: 1; mode=block

GET
H2 200 jquery.1.11.3.min.js Show response
www.everydaywinner.com/views/default/common/assets/js/ 94 KB
33 KB 153ms
149ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/default/common/assets/js/jquery.1.11.3.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 04 Mar 2019 18:10:03 GMT
etag: "808f147db5d2d41:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 33406
x-xss-protection: 1; mode=block

GET
H2 200 array.every.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/polyfill/ 2 KB
1 KB 151ms
147ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/polyfill/array.every.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fbee1ad5fe09ef4a1b605954fa710d4138b4db339c8a697be6fd4c2bd4ebca35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 19:34:08 GMT
etag: "5ac9578fa4e2d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 971
x-xss-protection: 1; mode=block

GET
H2 200 classlist.contains.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/polyfill/ 9 KB
3 KB 151ms
147ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/polyfill/classlist.contains.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8c10f4e9128552d20385a51c66028e9c2f8b9fd054e9e294424591be941e66e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 19:18:12 GMT
etag: "0f23d55a2e2d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 2721
x-xss-protection: 1; mode=block

GET
H2 200 jquery.countdown.min.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 5 KB
2 KB 246ms
242ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/jquery.countdown.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "80b98d25bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 2378
x-xss-protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
13 KB 245ms
56ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Origin: https://www.everydaywinner.com

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 17:44:03 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"b8085bf2c839791244bd95f56fb93c01"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 animate.css
www.everydaywinner.com/views/templates/everydaywinner/common/assets/css/ 74 KB
4 KB 140ms
136ms Stylesheet
text/css 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/css/animate.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:14 GMT
etag: "023f524bb73d31:0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 4455
x-xss-protection: 1; mode=block

GET
H2 200 ga.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 387 B
507 B 151ms
148ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ga.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ab4b9f7c138df2839d3ec207a1ebef442e960b8c6dbb000412a9964847be19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "e3f12026bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 425
x-xss-protection: 1; mode=block

GET
H2 200 fb.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 3 KB
1 KB 151ms
148ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/fb.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b40441a2cdc2ae6f174769b80225535659b159179aed091aae04c16e63a027f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 23 Jan 2019 22:18:59 GMT
etag: "804b1ba369b3d41:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 1281
x-xss-protection: 1; mode=block

GET
H2 200 modal.min.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 7 KB
2 KB 249ms
245ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/modal.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7413bf3f702d23e14ee35aa8137adb01684f6f7c6e3532e7af8b18930bfd2d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:16 GMT
etag: "0502626bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 2263
x-xss-protection: 1; mode=block

GET
H2 200 ua-parser.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 43 KB
10 KB 255ms
251ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ua-parser.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

97c9954639caa5d1b26c3f2e04034c62cc779fd2a31ca9408a320b742946a049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:16 GMT
etag: "0502626bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 10071
x-xss-protection: 1; mode=block

GET
H2 200 js.cookie.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 4 KB
2 KB 252ms
248ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/js.cookie.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a19b6a07374682e4c4c29ecec9e3001d316593c3d2a80dfe1ce8d54b1ac05985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "80b98d25bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 1493
x-xss-protection: 1; mode=block

GET
H2 200 heartcode-canvasloader-min.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 6 KB
2 KB 253ms
249ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/heartcode-canvasloader-min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6efcc6499110953286174eb01bf487e30683fe1549c3bcde548c7b52ca05f189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "80b98d25bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 2296
x-xss-protection: 1; mode=block

GET
H2 200 maskedinput.min.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 4 KB
2 KB 251ms
247ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/maskedinput.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

58c5fb14d40e03a30b242153b35222ef2c66912229fe98e3bad88afd8bb4aa37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "80b98d25bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 1967
x-xss-protection: 1; mode=block

GET
H2 200 mailcheck.min.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 4 KB
1 KB 252ms
249ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/mailcheck.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d18ac5282d49df88ec383df2ada07181527dd732e9e116fc373b52e9035957d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "80b98d25bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 1463
x-xss-protection: 1; mode=block

GET
H2 200 wc_pop.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 333 B
410 B 251ms
248ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/wc_pop.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed80432206a3302912defd54f9a6c0ed02c3f0f13f744f4d4e7452f6a385356a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "3984c525bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 351
x-xss-protection: 1; mode=block

GET
H2 200 index.css
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/ 14 KB
3 KB 249ms
246ms Stylesheet
text/css 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/index.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7df214c5311af1aad9bf2ddd8251e29388150bbb4fa7e8206162baa98e153272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 15:32:28 GMT
etag: "04e1ac4aa1d51:0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 3080
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/js/ 11 KB
3 KB 253ms
250ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/js/main.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c59299bbecbdeddf4cc5bd5abeddb95a6617c9be0c9ba212254435dde3a1509b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 20:02:18 GMT
etag: "081617ea8e2d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:54 GMT
accept-ranges: bytes
content-length: 2795
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
580 B 584ms
433ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10020710

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Mon, 08 Jun 2020 19:11:55 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 277ms
131ms Image
image/gif 52.17.96.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=yx0nytt&ct=0:ed1jjhq3&fmt=3
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.96.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-96-142.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 08 Jun 2020 19:11:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

blank.gif
rdcdn.com/images/
Redirect Chain

https://rdcdn.com/rt?aid=5241&e=1&img=1
https://rdcdn.com/eow
https://rdcdn.com/images/blank.gif

42 B
197 B

132ms
131ms

Image
image/gif

52.7.129.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdcdn.com/images/blank.gif
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.129.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-129-118.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
last-modified: Tue, 10 Mar 2015 23:08:02 GMT
server: Microsoft-IIS/10.0
etag: "035c1e875bd01:0"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42

Redirect headers

date: Mon, 08 Jun 2020 19:11:55 GMT
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
status: 302
content-type: text/html; charset=utf-8
location: https://rdcdn.com/images/blank.gif
cache-control: private
content-length: 151

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Winner/765203/ 8 KB
3 KB 283ms
208ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Winner/765203/pixel.js
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f970516c40022c26507e3edbb4fbd4f4c773683f35b8921621b4e0c17305101

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 1944
cf-request-id: 0336f1c17d0001005e5ea66200000001
x-function: 151
last-modified: Wed, 06 Feb 2019 07:01:18 GMT
server: cloudflare
x-reuse-index: 84
etag: 380650844502997714
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
accept-ranges: bytes
cf-ray: 5a04ebe26ce10000-ARN
expires: Mon, 08 Jun 2020 20:11:55 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 55ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
etag: W/"5df79c22-7533"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 09 Jun 2020 19:11:55 GMT

GET
H2 200 landing-logo.png
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 87 KB
87 KB 139ms
135ms Image
image/png 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/landing-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6dad2c4b7adba6a13ea42a752b49ebc7a5b9cf511042acf4981202ced8cd3968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "f3aabe4aa1d51:0"
content-type: image/png
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 88841
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 25 KB
25 KB 148ms
145ms Image
image/png 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6a793f5c80161ea382318837e48ee32d4557e886153c000b24e1c3d8002c31fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "aabe1ee4aa1d51:0"
content-type: image/png
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 25991
x-xss-protection: 1; mode=block

GET
H2 200 20200107-222305xbLK-1578493994288-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 36 KB
36 KB 145ms
141ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200107-222305xbLK-1578493994288-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

703a62f85742f963057a14c99a14c61112d0bdf220186a6601cd35fc22fc517e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 08 Jan 2020 14:33:13 GMT
etag: "86cc1f8f30c6d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 36373
x-xss-protection: 1; mode=block

GET
H2 200 green-right-arrow.png
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 1 KB
1 KB 143ms
140ms Image
image/png 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/green-right-arrow.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9c53320c9ed023755b40bb379bdbc8ee22e749f872a9085b764706f5f10fcc68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:30 GMT
etag: "4dfe7ed4aa1d51:0"
content-type: image/png
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 1072
x-xss-protection: 1; mode=block

GET
H2 200 popup-header.jpg
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 34 KB
34 KB 140ms
137ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/popup-header.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c49a94dff56412fe928029f4b663f0fafc148c4921d37979e8cd429c4a59be32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "a0d031e4aa1d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 34629
x-xss-protection: 1; mode=block

GET
H2 200 popup-close.png
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 1 KB
1 KB 159ms
156ms Image
image/png 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/popup-close.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9889505062b6a5a08981798cdf821590f422ee32e9ff76958a8304d4afd92ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "872021e4aa1d51:0"
content-type: image/png
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 1393
x-xss-protection: 1; mode=block

GET
H2 200 upsellit.js Show response
www.everydaywinner.com/views/templates/everydaywinner/desktop/assets/js/ 804 B
596 B 136ms
135ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/desktop/assets/js/upsellit.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a69ff5664594345608afd78880ebc436b33f9b47a29897597be683be2419e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "b8c968e4aa1d51:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 492
x-xss-protection: 1; mode=block

GET
H2 200 GetPushScript Show response
pushpros.tech/ 2 KB
2 KB 558ms
380ms Fetch
application/json 143.204.89.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=www.everydaywinner.com
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-48.fra50.r.cloudfront.net
Software: /
Resource Hash: 561010303db0644d7300aee63a424f506907e15ad874f702c60d3ae35e517c0a

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 335a8a8c-14b1-4378-862a-acf8b49c4e2f
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ede8d7b-244d8cd8330b6dc45ef42d5c;Sampled=0
x-amz-apigw-id: N0sLVFd1oAMFQwA=
content-length: 2185
x-amz-cf-id: ApLVV2jyG1IjRGxUOQ4XD4D0vmZWSHkDuOUTEOqtp9MqUCgYJWicHw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 936
date: Mon, 08 Jun 2020 18:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 08 Jun 2020 20:56:19 GMT

GET
H2 200 ga.js Show response
www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ 387 B
464 B 137ms
137ms Script
application/x-javascript 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/ga.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ab4b9f7c138df2839d3ec207a1ebef442e960b8c6dbb000412a9964847be19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 13 Dec 2017 02:36:15 GMT
etag: "e3f12026bb73d31:0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 425
x-xss-protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/views/templates/everydaywinner/common/assets/js/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e41cc400da87670d489790b6bb2ce054b70b15ae832296823e95c14ea9041919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: W7hHaODQqKt4ovSEBJPgcw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "857137b53d476408797656d20f972fbf"
x-fb-debug: 8PXHSte+nzpY87MuJp0N3iAtjr0Iu1DjXT1G1Jn8TMUrooWuTcLJL25FhEVF5Zu609LdASr+Fp/83SLes5iJnQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 1e8a7473372fd7952f86fa3a8fd20184
x-frame-options: DENY
date: Mon, 08 Jun 2020 19:11:55 GMT, Mon, 08 Jun 2020 19:11:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jun 2020 19:24:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
6 KB 726ms
266ms Script
application/javascript 13.226.159.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.159.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-78.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5415
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-id: AeOIMLyMFoJk7R-T7hW-_F6QlDP84eUb3pDGdocXB8O6YmHOQQAuXw==

GET
H2 200 bat.js Show response
bat.bing.com/ 25 KB
8 KB 30ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:54 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 20:59:59 GMT
x-msedge-ref: Ref A: D3D3BCBE71004099824471A9ED7D330A Ref B: FRAEDGE1310 Ref C: 2020-06-08T19:11:55Z
status: 200
etag: "80b179766929d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7767

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 20ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: Ky8+/4bwZ/9R7RHteCHkOLs6gUM81gNnEm+mKmXtGC4RWXzBdkDrS5eOu9VKeF1NT4EwIMDxCm5xo3I2AQrbrw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 08 Jun 2020 19:11:55 GMT, Mon, 08 Jun 2020 19:11:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 14 KB
6 KB 66ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 08 Jun 2020 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2256
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5398
x-amz-id-2: OSFq5O4Pc3qetHZ9OZ7kHlRwSEf2BSz5LfIgWWh2ugFxJ2Wzqp3KklfhxGKdKxzPF56JdnGRTOc=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 23 May 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 17 Apr 2020 10:13:12 GMT
server: ATS
etag: "262ad28777cd04301eaf1ed832269103-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 6CACAF56F5A23FC0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: .3pslEVav9FDmkNX3peqHq9djDal2LXy
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: https://www.everydaywinner.com

Response headers

date: Fri, 15 May 2020 19:37:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2072092
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 15 May 2021 19:37:03 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 14ms
14ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=368176641&t=pageview&_s=1&dl=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&ul=en-us&de=UTF-8&dt=Everyday%20Winner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=236075261&gjid=1078452919&cid=2027741856.1591643515&tid=UA-947206-11&_gid=1833685375.1591643515&_r=1&z=1920359793

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jun 2020 19:11:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=368176641&t=pageview&_s=2&dl=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&ul=en-us&de=UTF-8&dt=Everyday%20Winner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=&gjid=&cid=2027741856.1591643515&tid=UA-947206-11&_gid=1833685375.1591643515&z=884101710

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 19:48:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2071413
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 51ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=dc1396aa0939c7d0ac18af3c0311ba43&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b2ca84b8947bdbf5f5ce041196048268cb8dec51988511902c68111ebf8eee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Origin: https://www.everydaywinner.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kmDQztfwEUHMGrCtJMj+Lg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=3600
content-length: 61067
etag: "f1c78c1c5c4843cd749cf673c21722ce"
x-fb-debug: 375P2g/zgwMkgxxWUPHfMGhX3MEF0j5IdynkvYNmncBtA3wlNa3RBqorSTBO58Z0PeUKqlcNL4bLJmXVEOvZvA==
x-fb-trip-id: 664085054
x-fb-content-md5: b90630b7800fd9cfa88e567ceccbd8ea
x-frame-options: DENY
date: Mon, 08 Jun 2020 19:11:55 GMT, Mon, 08 Jun 2020 19:11:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 08 Jun 2021 17:43:56 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5062565&Ver=2&mid=68e75a06-f9ac-c6e8-d948-2ba39da70f34&sid=33b0940a-b449-c5bc-94f0-88e04244c80b&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Everyday%20Winner&p=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&r=&evt=pageLoad&msclkid=N&sv=1&rn=140471
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 08 Jun 2020 19:11:54 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 1C623F6E4DC64DD8800E69F3BA6E5C33 Ref B: FRAEDGE1310 Ref C: 2020-06-08T19:11:55Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1157032147674272 Show response
connect.facebook.net/signals/config/ 517 KB
129 KB 273ms
273ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1157032147674272?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9032523e5aff31b1c6f75c2743adcf3f0d5930f34df377ec8a3199a9656d0b5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: xcyyVS/sRe2cQxajNyg+opijQiRVAJ8hPUqX+tzHyhmu1lZ2hJblOBBI755WQujgin1jcSaNkVNudpQdqg5/MA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 08 Jun 2020 19:11:55 GMT, Mon, 08 Jun 2020 19:11:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10020710.json Show response
s.yimg.com/wi/config/ 2 B
492 B 148ms
115ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10020710.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: F0CE5B2DDDAF2845
x-amz-id-2: ZbJv9W5tyND2LWh09Y9E0r0yoXliGy534aqW7dh06glqoP5bNEGSuc9jqeAhkUEPjtUA4n44bTg=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 72ms
72ms Fetch
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1818129101739693&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=dc1396aa0939c7d0ac18af3c0311ba43&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everydaywinner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: 20wDTlPZyYoskO933CYiw7aHxZjir9fv7CsG8zv5hHumrbQh8o2ajpvAJ8zQ9PXpkvZe4pniLYZ3VP5Ex9CUFg==
fb-s: unknown
status: 200
date: Mon, 08 Jun 2020 19:11:55 GMT, Mon, 08 Jun 2020 19:11:55 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.everydaywinner.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ 677 B
831 B 222ms
220ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Winner/765203/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865b5d50750c6522f6c21f2b9af6e454ec220b98ab77763608bc7bcc5fc7875b

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 331
cf-request-id: 0336f1c2520001005e5ea79200000001
x-function: 153
last-modified: Tue, 04 Apr 2017 05:09:56 GMT
server: cloudflare
x-reuse-index: 5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 5a04ebe3bfec0000-ARN
expires: Sun, 06 Sep 2020 19:11:56 GMT

GET
H2 200 landing-bg.jpg
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 145 KB
146 KB 134ms
134ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/landing-bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9aa1fe2c751d378c414a8b6418ba9279ee6cdd79b7ad0b2fb7721047af15dd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "9feee4aa1d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 148878
x-xss-protection: 1; mode=block

GET
H2 200 gradient_bg.jpg
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 2 KB
2 KB 139ms
138ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/gradient_bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1a92d9b220d06d00685ee39e4526493d7cd91de5a4264cdb85a01ced82ab90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:30 GMT
etag: "451273d4aa1d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 2024
x-xss-protection: 1; mode=block

GET
H2 200 line-3-border.jpg
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 1 KB
1 KB 163ms
163ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/line-3-border.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a674ce173d3878b196cd93c8aad0ed2b155e11236a8363ece901d7ae15af19ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:31 GMT
etag: "e47010e4aa1d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 1215
x-xss-protection: 1; mode=block

GET
H2 200 big_btn_bg.jpg
www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/ 1 KB
1 KB 141ms
141ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/images/big_btn_bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef40a10db25e34491d57d84889e79dcf191e4c5d593fa8949f28be72dfd20eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/views/templates/everydaywinner/Desktop/assets/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 22 Nov 2019 15:32:29 GMT
etag: "3534c0c4aa1d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:55 GMT
accept-ranges: bytes
content-length: 1283
x-xss-protection: 1; mode=block

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: https://www.everydaywinner.com

Response headers

date: Mon, 18 May 2020 23:14:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 1799826
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9192
x-xss-protection: 0
expires: Tue, 18 May 2021 23:14:49 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: https://www.everydaywinner.com

Response headers

date: Wed, 20 May 2020 18:06:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1645544
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 20 May 2021 18:06:11 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=%5B51536%2C36673%2C36674%5D&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=everydaywinner.com&dtycbr=33998
https://widget.us.criteo.com/event?a=%5B51536%2C36673%2C36674%5D&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=everydaywinner.com&dtycbr=33998

1 KB
1 KB

442ms
163ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=%5B51536%2C36673%2C36674%5D&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=everydaywinner.com&dtycbr=33998
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9625b0be286ea1562a19f53a5dbe885db3195d22176ed1117682d4828b9bb1d2

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jun 2020 19:11:55 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
content-type: application/x-javascript
content-length: 880
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jun 2020 19:11:55 GMT
status: 302
location: https://widget.us.criteo.com/event?a=%5B51536%2C36673%2C36674%5D&v=5.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=everydaywinner.com&dtycbr=33998
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 winnerCircleDesktop.php Show response
www.everydaywinner.com/feature/edw/app/files/winnercircle/ 12 KB
2 KB 955ms
955ms XHR
text/html 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everydaywinner.com/feature/edw/app/files/winnercircle/winnerCircleDesktop.php

Requested by

Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/views/default/common/assets/js/jquery.1.11.3.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ PHP/5.6.40

Resource Hash

bcb3f197aa1170febef87d9b04d7da13705b93551da6a9b4b4c289d0c057bb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
content-length: 2173
x-xss-protection: 1; mode=block

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
238 B 418ms
417ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2008%20Jun%202020%2019%3A11%3A55%20GMT&n=-2d&b=Everyday%20Winner&.yp=10020710&f=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Mon, 08 Jun 2020 19:11:55 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/insights?%7B%22tagKey%22%3A%222548689138%22%2C%22th%22%3A9174587802%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aamneMXVU2XVbNnTJ33UYS0sjrRG4qsY%22%2C%22url%22%3A%22htt...
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
https://a.tribalfusion.com/i.match?p=b26&u=5357075312014830890&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662221016478509

43 B
1014 B

170ms
170ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662221016478509

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jun 2020 19:11:58 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: 190d6068-3e1c-40c4-b236-a1ce0095b44b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Mon, 08 Jun 2020 19:11:56 GMT
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
status: 302
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0336f1c4db0001005e5eab2200000001
pragma: no-cache
x-function: 209
server: cloudflare
x-reuse-index: 1803
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=305&code=18072662221016478509
cache-control: no-cache, private
cf-ray: 5a04ebe7c90e0000-ARN
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
234 B 16ms
16ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1157032147674272&ev=PageView&dl=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&rl=&if=false&ts=1591643515704&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591643515703.1276142619&it=1591643515388&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:55 GMT, Mon, 08 Jun 2020 19:11:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 08 Jun 2020 19:11:55 GMT

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/trackpush/ 45 KB
13 KB 584ms
152ms Script
text/javascript 52.216.130.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.130.109 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a5d20d9f800889c15761ef2c05630291e949bb7f1ab654784cf37bf0fedfeea3

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 08 Jun 2020 19:11:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 May 2020 23:14:18 GMT
Server: AmazonS3
x-amz-request-id: A47C2296F4E823FB
ETag: "e4bed32a876898247b53f4b3ea650884"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 12770
x-amz-id-2: 8RgMaOkGLiv92jrzSfuo2HgHCqbLouyU7qcfWNXUhgd/UXe7pqiGEkUZMKa0Aa7b5WK/CLfMasA=

GET
H2 200 i
tr.snapchat.com/cm/ Frame 60E2 0
0 131ms
67ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2373c4ab-5ba3-49cf-a935-39ec24b326e2

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=2373c4ab-5ba3-49cf-a935-39ec24b326e2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=

Response headers

status: 200
server: nginx/1.17.3
date: Mon, 08 Jun 2020 19:11:56 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
tr.snapchat.com/ Frame A3C4 0
0 121ms
71ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 404
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.everydaywinner.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.everydaywinner.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=

Response headers

status: 200
server: nginx/1.17.3
date: Mon, 08 Jun 2020 19:11:56 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRGAQAgDsIm4oxRQx6kvWzC8CdlIj9fkvCxrPpNCNuDdnBM63EU96GSh13+NcCi8MgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 20200107-222305xbLK-1578493994288-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 36 KB
36 KB 134ms
134ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200107-222305xbLK-1578493994288-thumb.jpg

Requested by

Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/views/default/common/assets/js/jquery.1.11.3.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

703a62f85742f963057a14c99a14c61112d0bdf220186a6601cd35fc22fc517e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 08 Jan 2020 14:33:13 GMT
etag: "86cc1f8f30c6d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 36373
x-xss-protection: 1; mode=block

GET
H2 200 20200521-615016f6LK-1591138849673-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 3 KB
3 KB 140ms
133ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200521-615016f6LK-1591138849673-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0d49999fda19ce86d0a9ee8578bfcd22d9d859c420a7b929bce001d4350bd87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 02 Jun 2020 23:01:01 GMT
etag: "f2bbdaf3139d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 2663
x-xss-protection: 1; mode=block

GET
H2 200 20200512-7830869YE3-1591037731704-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 27 KB
27 KB 140ms
134ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200512-7830869YE3-1591037731704-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ec25e737289a750eb9834e8e2b90ab74aa42b7bddf00019c2e70ea944313c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 01 Jun 2020 18:55:33 GMT
etag: "a6eb513a4638d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 27546
x-xss-protection: 1; mode=block

GET
H2 200 20200509-857043Iqez-1589828724170-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 24 KB
24 KB 145ms
139ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200509-857043Iqez-1589828724170-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a80aade10ad3503039cfe7696c193fbab2e86e2529322fcfd2018941708513ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 May 2020 19:05:24 GMT
etag: "58362d49472dd61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 24288
x-xss-protection: 1; mode=block

GET
H2 200 20200508-480535fKov-1589876182360-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 19 KB
19 KB 147ms
141ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200508-480535fKov-1589876182360-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

489fadcb25820d50fbe7448e0e160850efb53af3519f64de305ea2c60ff81cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 19 May 2020 08:16:31 GMT
etag: "b6afbdcdb52dd61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 19764
x-xss-protection: 1; mode=block

GET
H2 200 20200502-990043aSKG-1588515849819-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 31 KB
31 KB 144ms
138ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200502-990043aSKG-1588515849819-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

746db3d7effdc07f19df4d1237af71ad238475df8a685d3853c8633c16385677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sun, 03 May 2020 14:24:11 GMT
etag: "f8b786835621d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 31384
x-xss-protection: 1; mode=block

GET
H2 200 20200419-920581XxfG-1590236064225-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 20 KB
20 KB 148ms
142ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200419-920581XxfG-1590236064225-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1a5fa2b37d2f4de9bd84ab6f35744e276268008802d06f2677f707aed2c9e750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sat, 23 May 2020 12:14:35 GMT
etag: "3e7723b9fb30d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 20706
x-xss-protection: 1; mode=block

GET
H2 200 20200417-607036ytqS-1587254060707-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 31 KB
31 KB 144ms
138ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200417-607036ytqS-1587254060707-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9c3d997584fe6efbb9b7ee0f529f361fab6a49704dad6d1a8517a0c6ce93e0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sat, 18 Apr 2020 23:54:26 GMT
etag: "a5a34b1dc15d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 31901
x-xss-protection: 1; mode=block

GET
H2 200 20200415-232912nbUw-1587064028879-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 20 KB
20 KB 147ms
141ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200415-232912nbUw-1587064028879-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

326b8cb1ed89826169b46a54bbc368b1f4df07b56bcc659c6523b28702b0facc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 16 Apr 2020 19:07:09 GMT
etag: "28d24d3a2214d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 20788
x-xss-protection: 1; mode=block

GET
H2 200 20200409-725804Smu6-1588043500902-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 17 KB
17 KB 147ms
141ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200409-725804Smu6-1588043500902-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed2862d7f6e6007405e94446e1002c0f71ba1fab173032249232d9b202c2d7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 28 Apr 2020 02:09:43 GMT
etag: "eefa531521dd61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 17002
x-xss-protection: 1; mode=block

GET
H2 200 20200408-949675eB4D-1586441484593-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 23 KB
23 KB 167ms
161ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200408-949675eB4D-1586441484593-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

41421e985ffe701eb2563d5ab4ba7ce52ab8778b3b4ec9c3acb9981998ebf386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 09 Apr 2020 14:11:28 GMT
etag: "5eb1cdc278ed61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 23269
x-xss-protection: 1; mode=block

GET
H2 200 20200331-991605C5U7-1589482250438-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 21 KB
21 KB 175ms
170ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200331-991605C5U7-1589482250438-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3ac4908770cde0f1763aac4ecc1d2ca9ba2bf7d213926a881eeaabf82a179096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 14 May 2020 18:50:52 GMT
etag: "1cfcba97202ad61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 21669
x-xss-protection: 1; mode=block

GET
H2 200 20200326-774082Fg1M-1588796274699-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 20 KB
20 KB 167ms
162ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200326-774082Fg1M-1588796274699-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

894ebb15b5c2bc9364d46b8ecf8c68589483395274d513d8d8f30b6438588d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 06 May 2020 20:17:56 GMT
etag: "b85c46de323d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 20436
x-xss-protection: 1; mode=block

GET
H2 200 20200323-358735eoyy-1587155332789-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 28 KB
28 KB 169ms
164ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200323-358735eoyy-1587155332789-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aab0d37a9211573d2e1cf2f861ee8d3b9172ecd62fdfb3e26094b08300bbf072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Fri, 17 Apr 2020 20:28:54 GMT
etag: "5f214fd0f614d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 28729
x-xss-protection: 1; mode=block

GET
H2 200 20200315-232912nbUw-1584971798095-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 1 KB
1 KB 167ms
163ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200315-232912nbUw-1584971798095-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4c43b80658671c912d941003ff3b9df0851850d58144f54b50a3280e94f5933f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 23 Mar 2020 13:56:38 GMT
etag: "84d166df1a1d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 1309
x-xss-protection: 1; mode=block

GET
H2 200 20200312-291546QGVP-1585699797525-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 21 KB
21 KB 167ms
162ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200312-291546QGVP-1585699797525-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

361dd73abcc0862e8cafc3026fd1926d425601f3565e07eb6c66ace9b3cb1ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 01 Apr 2020 00:09:58 GMT
etag: "83845de1b97d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 21150
x-xss-protection: 1; mode=block

GET
H2 200 20200311-264644H509-1584544490066-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 28 KB
29 KB 167ms
163ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200311-264644H509-1584544490066-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4b7f3b59ad7d5b5fba1370171dcb4f791be3a924c416c3c36359f55e293e2ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 18 Mar 2020 15:14:51 GMT
etag: "d8116ff837fdd51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 29139
x-xss-protection: 1; mode=block

GET
H2 200 20200310-722072qApQ-1583944381605-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 18 KB
18 KB 170ms
166ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200310-722072qApQ-1583944381605-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4bf69cbbdf0ba57012ba23a060463922e2843179c964d47461f35acf357c3c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 11 Mar 2020 16:32:57 GMT
etag: "9dceceb8c2f7d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 18551
x-xss-protection: 1; mode=block

GET
H2 200 20200306-256524WuKO-1583595174443-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 19 KB
19 KB 170ms
166ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200306-256524WuKO-1583595174443-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e9069750998b9ddcc41302a7fb0de7d367d31357ead1920ca5b0e23258e8e995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sat, 07 Mar 2020 15:32:55 GMT
etag: "ef2d8fac95f4d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 19693
x-xss-protection: 1; mode=block

GET
H2 200 20200305-635202PFID-1585073369784-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 17 KB
17 KB 235ms
231ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200305-635202PFID-1585073369784-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

83a012cfdc98ebb157705dc04248189feb9200c397acad72dc5ae27ffc1ee92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 24 Mar 2020 18:09:32 GMT
etag: "d6103d5e72d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 17357
x-xss-protection: 1; mode=block

GET
H2 200 20200227-517694xbbr-1584464545704-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 24 KB
24 KB 234ms
230ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200227-517694xbbr-1584464545704-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f9ee4a4406653743f0df8bbcb4c3f163d00ca775118e77a1445fddfa43ef4650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 17 Mar 2020 17:02:27 GMT
etag: "799c1cd67dfcd51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 24225
x-xss-protection: 1; mode=block

GET
H2 200 20200226-559650ZVI0-1584023095454-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 6 KB
6 KB 242ms
238ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200226-559650ZVI0-1584023095454-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3807f9a54ecf4c416a77cedd339043f656e541ef277a1829c55c2c7e612f62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 12 Mar 2020 14:24:55 GMT
etag: "55f79d07af8d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 5692
x-xss-protection: 1; mode=block

GET
H2 200 20200224-855116pHej-1583191790338-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 17 KB
17 KB 175ms
171ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200224-855116pHej-1583191790338-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d8dd097eedc4887a1c21d8083a7ef342894d81bb3dd4100464ef67f087b053a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 02 Mar 2020 23:29:51 GMT
etag: "7f9f8a78eaf0d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 17404
x-xss-protection: 1; mode=block

GET
H2 200 20200210-259070nnJi-1581435125725-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 19 KB
19 KB 242ms
239ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200210-259070nnJi-1581435125725-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

776c744e9e964d91a8f343594fa9d120fb06c94f1760771ca5edfeecbb960724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 11 Feb 2020 15:32:07 GMT
etag: "2210356bf0e0d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 19755
x-xss-protection: 1; mode=block

GET
H2 200 20200208-411036zclK-1581274676295-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 25 KB
25 KB 175ms
172ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200208-411036zclK-1581274676295-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

212f9c2f5ee631c591d939b615a933b3aa168c7afacc68757233562fcfb9bd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sun, 09 Feb 2020 18:57:59 GMT
etag: "4f6baed87adfd51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 25235
x-xss-protection: 1; mode=block

GET
H2 200 20200203-973243kNRl-1580834108775-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 30 KB
30 KB 176ms
173ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200203-973243kNRl-1580834108775-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6432aba95141750f69c3d628a5bb9bbcdc00515ac28814ccc80fe010aadacc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 04 Feb 2020 16:35:10 GMT
etag: "3689831179dbd51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 30759
x-xss-protection: 1; mode=block

GET
H2 200 20200129-802270WFFi-1580397180452-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 23 KB
23 KB 175ms
172ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200129-802270WFFi-1580397180452-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22d8ac9a462dde830ad477bde7bb0649c96e2b67992f293216eb86b6e0c0f700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 30 Jan 2020 15:13:01 GMT
etag: "59cb65c37fd7d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 23073
x-xss-protection: 1; mode=block

GET
H2 200 20200128-952361UF9j-1580311842881-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 16 KB
16 KB 232ms
229ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200128-952361UF9j-1580311842881-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f400e5043569b995892166cf685f97de4f40637f9065dc128b890cc58d9c7c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 29 Jan 2020 15:30:44 GMT
etag: "da5ea112b9d6d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 16736
x-xss-protection: 1; mode=block

GET
H2 200 20200122-798792mAvT-1579795517063-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 24 KB
24 KB 241ms
238ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200122-798792mAvT-1579795517063-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f8a6cf5c913d7dd9a41b7d23c1466c26d77725688c528ed4937d7200b90e790d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 23 Jan 2020 16:05:17 GMT
etag: "50997fe76d2d51:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 24606
x-xss-protection: 1; mode=block

GET
H2 200 20200117-640043TCme-1585022485930-thumb.jpg
www.everydaywinner.com/feature/EDW/app/files/winnerphoto/ 17 KB
17 KB 240ms
238ms Image
image/jpeg 40.121.91.199
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.everydaywinner.com/feature/EDW/app/files/winnerphoto/20200117-640043TCme-1585022485930-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.91.199 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e5f1711421989a2a6d83a220a20c208b513a2aa69e387b9cf309fdb043e5006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 24 Mar 2020 04:01:26 GMT
etag: "c34825e4901d61:0"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store
date: Mon, 08 Jun 2020 19:11:56 GMT
accept-ranges: bytes
content-length: 17425
x-xss-protection: 1; mode=block

GET
H2 200 flatironmedia2.jsp Show response
www.upsellit.com/active/ 28 KB
10 KB 594ms
198ms Script
application/x-javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/active/flatironmedia2.jsp
Requested by: Host: www.everydaywinner.com
URL: https://www.everydaywinner.com/views/templates/everydaywinner/desktop/assets/js/upsellit.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 916fe75cda4149455c01e0e7a51ebffec479766ee1ba2899416f01bf88103949

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 08 Jun 2020 19:11:57 GMT
content-encoding: gzip
server: nginx
content-type: application/x-javascript;charset=ISO-8859-1
expires: Tue, 09 Jun 2020 19:11:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 16ms
16ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1157032147674272&ev=Microdata&dl=https%3A%2F%2Fwww.everydaywinner.com%2F%3Foverride%3D16%26utm_source%3DAdSurfSweeps1084%26utm_campaign%3D376%26utm_medium%3D1084%26utm_term%3D6115e101ee6445b49ddfaea1a21fe11d%26r%3D416917415%26s3%3Dsarsri%26s4%3D%26s5%3D&rl=&if=false&ts=1591643517208&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Everyday%20Winner%20%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1591643515703.1276142619&it=1591643515388&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everydaywinner.com/?override=16&utm_source=AdSurfSweeps1084&utm_campaign=376&utm_medium=1084&utm_term=6115e101ee6445b49ddfaea1a21fe11d&r=416917415&s3=sarsri&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 19:11:57 GMT, Mon, 08 Jun 2020 19:11:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 08 Jun 2020 19:11:57 GMT

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.snapchat.com/	1970-01-19 19:28:59	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRGAQAgDsIm4oxRQx6kvWzC8CdlIj9fkvCxrPpNCNuDdnBM63EU96GSh13+NcCi8MgAAAA==
.everydaywinner.com/	1970-01-19 19:37:10	Name: _scid Value: e6314bd0-3acf-4c45-90f8-8ab675b2ae18
www.everydaywinner.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: q3e1mgp4ocvhsg4jrgh3tmkj14
.everydaywinner.com/	1970-01-19 10:08:49	Name: _uetsid Value: 33b0940a-b449-c5bc-94f0-88e04244c80b
.everydaywinner.com/	1970-01-19 10:07:23	Name: _gat Value: 1
.everydaywinner.com/	1970-01-20 03:38:35	Name: _ga Value: GA1.2.2027741856.1591643515
.everydaywinner.com/	1970-01-19 10:07:27	Name: primepub Value: disabled
.www.everydaywinner.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: ca5124a274900efc763721701f6910ae2f308c1129e0435e6181e5e11577a4a6
.everydaywinner.com/	1970-01-19 10:07:30	Name: uuid Value: 6e118dc1-c499-4b56-ba37-e5e6603a55db
.everydaywinner.com/	1970-01-19 10:08:49	Name: _gid Value: GA1.2.1833685375.1591643515
.everydaywinner.com/	1970-01-19 12:16:59	Name: _fbp Value: fb.1.1591643515703.1276142619
.everydaywinner.com/	1970-01-19 10:07:28	Name: expireStamp Value: 1591648914
.everydaywinner.com/	1970-01-19 10:07:28	Name: visitID Value: g3wK342403

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://s3.amazonaws.com/trackpush/trackpush.min.js(Line 1) Message: [aimtell] Browser does not support push

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
insight.adsrvr.org
pushpros.tech
rdcdn.com
s.tribalfusion.com
s.yimg.com
s3.amazonaws.com
sc-static.net
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
tr.snapchat.com
use.fontawesome.com
widget.us.criteo.com
www.everydaywinner.com
www.facebook.com
www.google-analytics.com
www.upsellit.com
104.18.13.5
13.226.159.78
143.204.89.48
178.250.0.163
185.33.221.53
208.118.62.69
212.82.100.181
23.111.9.35
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:815::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2003
2a02:2638::3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
35.186.226.184
40.121.91.199
52.17.96.142
52.216.130.109
52.7.129.118
74.119.119.150
09268add7a7c529118bcdb5d1f9f9a23099d24ff08bd7864578b85979ed11e7f
0d49999fda19ce86d0a9ee8578bfcd22d9d859c420a7b929bce001d4350bd87c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec25e737289a750eb9834e8e2b90ab74aa42b7bddf00019c2e70ea944313c59
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a5fa2b37d2f4de9bd84ab6f35744e276268008802d06f2677f707aed2c9e750
1b40441a2cdc2ae6f174769b80225535659b159179aed091aae04c16e63a027f
212f9c2f5ee631c591d939b615a933b3aa168c7afacc68757233562fcfb9bd71
213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2
22d8ac9a462dde830ad477bde7bb0649c96e2b67992f293216eb86b6e0c0f700
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
326b8cb1ed89826169b46a54bbc368b1f4df07b56bcc659c6523b28702b0facc
361dd73abcc0862e8cafc3026fd1926d425601f3565e07eb6c66ace9b3cb1ab6
389a8a8f2f10a5c250d94b11d78853411e1f5edcbfff42f9d3a30f0cade19b69
3ac4908770cde0f1763aac4ecc1d2ca9ba2bf7d213926a881eeaabf82a179096
3e5f1711421989a2a6d83a220a20c208b513a2aa69e387b9cf309fdb043e5006
41421e985ffe701eb2563d5ab4ba7ce52ab8778b3b4ec9c3acb9981998ebf386
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
489fadcb25820d50fbe7448e0e160850efb53af3519f64de305ea2c60ff81cfc
4a69ff5664594345608afd78880ebc436b33f9b47a29897597be683be2419e51
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7f3b59ad7d5b5fba1370171dcb4f791be3a924c416c3c36359f55e293e2ec2
4bf69cbbdf0ba57012ba23a060463922e2843179c964d47461f35acf357c3c3c
4c43b80658671c912d941003ff3b9df0851850d58144f54b50a3280e94f5933f
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
561010303db0644d7300aee63a424f506907e15ad874f702c60d3ae35e517c0a
58c5fb14d40e03a30b242153b35222ef2c66912229fe98e3bad88afd8bb4aa37
5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582
6432aba95141750f69c3d628a5bb9bbcdc00515ac28814ccc80fe010aadacc69
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6a793f5c80161ea382318837e48ee32d4557e886153c000b24e1c3d8002c31fc
6b2ca84b8947bdbf5f5ce041196048268cb8dec51988511902c68111ebf8eee4
6dad2c4b7adba6a13ea42a752b49ebc7a5b9cf511042acf4981202ced8cd3968
6efcc6499110953286174eb01bf487e30683fe1549c3bcde548c7b52ca05f189
703a62f85742f963057a14c99a14c61112d0bdf220186a6601cd35fc22fc517e
7113dd2dedfc5f3f4cc0b12c89ced110723e4eff24c4a4d281cd82dbd430e723
7413bf3f702d23e14ee35aa8137adb01684f6f7c6e3532e7af8b18930bfd2d4c
746db3d7effdc07f19df4d1237af71ad238475df8a685d3853c8633c16385677
776c744e9e964d91a8f343594fa9d120fb06c94f1760771ca5edfeecbb960724
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c
7df214c5311af1aad9bf2ddd8251e29388150bbb4fa7e8206162baa98e153272
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a012cfdc98ebb157705dc04248189feb9200c397acad72dc5ae27ffc1ee92b
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
865b5d50750c6522f6c21f2b9af6e454ec220b98ab77763608bc7bcc5fc7875b
894ebb15b5c2bc9364d46b8ecf8c68589483395274d513d8d8f30b6438588d3e
8ab4b9f7c138df2839d3ec207a1ebef442e960b8c6dbb000412a9964847be19b
8c10f4e9128552d20385a51c66028e9c2f8b9fd054e9e294424591be941e66e0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
916fe75cda4149455c01e0e7a51ebffec479766ee1ba2899416f01bf88103949
9625b0be286ea1562a19f53a5dbe885db3195d22176ed1117682d4828b9bb1d2
97c9954639caa5d1b26c3f2e04034c62cc779fd2a31ca9408a320b742946a049
9889505062b6a5a08981798cdf821590f422ee32e9ff76958a8304d4afd92ee7
9aa1fe2c751d378c414a8b6418ba9279ee6cdd79b7ad0b2fb7721047af15dd9e
9c3d997584fe6efbb9b7ee0f529f361fab6a49704dad6d1a8517a0c6ce93e0e7
9c53320c9ed023755b40bb379bdbc8ee22e749f872a9085b764706f5f10fcc68
9f970516c40022c26507e3edbb4fbd4f4c773683f35b8921621b4e0c17305101
a19b6a07374682e4c4c29ecec9e3001d316593c3d2a80dfe1ce8d54b1ac05985
a1a92d9b220d06d00685ee39e4526493d7cd91de5a4264cdb85a01ced82ab90b
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5d20d9f800889c15761ef2c05630291e949bb7f1ab654784cf37bf0fedfeea3
a674ce173d3878b196cd93c8aad0ed2b155e11236a8363ece901d7ae15af19ea
a80aade10ad3503039cfe7696c193fbab2e86e2529322fcfd2018941708513ad
aab0d37a9211573d2e1cf2f861ee8d3b9172ecd62fdfb3e26094b08300bbf072
ab56187eb268f6cab6eeb4b007bd6e5c42bf46917262377538daeddc5e86ce16
b9032523e5aff31b1c6f75c2743adcf3f0d5930f34df377ec8a3199a9656d0b5
bcb3f197aa1170febef87d9b04d7da13705b93551da6a9b4b4c289d0c057bb56
c49a94dff56412fe928029f4b663f0fafc148c4921d37979e8cd429c4a59be32
c59299bbecbdeddf4cc5bd5abeddb95a6617c9be0c9ba212254435dde3a1509b
d18ac5282d49df88ec383df2ada07181527dd732e9e116fc373b52e9035957d0
d3807f9a54ecf4c416a77cedd339043f656e541ef277a1829c55c2c7e612f62e
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
d8dd097eedc4887a1c21d8083a7ef342894d81bb3dd4100464ef67f087b053a1
db7c0a6cb89b265157b466f9127b04e326a1ed2bd123a0a375a2aae73a82cf01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41cc400da87670d489790b6bb2ce054b70b15ae832296823e95c14ea9041919
e9069750998b9ddcc41302a7fb0de7d367d31357ead1920ca5b0e23258e8e995
ed2862d7f6e6007405e94446e1002c0f71ba1fab173032249232d9b202c2d7f9
ed80432206a3302912defd54f9a6c0ed02c3f0f13f744f4d4e7452f6a385356a
ef40a10db25e34491d57d84889e79dcf191e4c5d593fa8949f28be72dfd20eeb
f400e5043569b995892166cf685f97de4f40637f9065dc128b890cc58d9c7c7e
f8a6cf5c913d7dd9a41b7d23c1466c26d77725688c528ed4937d7200b90e790d
f9ee4a4406653743f0df8bbcb4c3f163d00ca775118e77a1445fddfa43ef4650
fbee1ad5fe09ef4a1b605954fa710d4138b4db339c8a697be6fd4c2bd4ebca35

www.everydaywinner.com Open in urlscan Pro 40.121.91.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

36 %IPv6

21 Domains

23 Subdomains

21 IPs

7 Countries

1407 kBTransfer

2493 kBSize

13 Cookies

0 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.everydaywinner.com Open in urlscan Pro
40.121.91.199 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

36 %
IPv6

21
Domains

23
Subdomains

21
IPs

7
Countries

1407 kB
Transfer

2493 kB
Size

13
Cookies

98 HTTP transactions
0 data transactions