play.sweepstakesalerts.com Open in urlscan Pro
3.93.206.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicks.swpstrack.com/c/cR5/u0_b/h1kOhDY-eh_3n3WdeOk-PQ/W/cTRJv/F/c57c9cf9
Effective URL:
https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a07...
Submission: On June 21 via api (June 21st 2023, 2:02:54 pm UTC) from IE — Scanned from PL

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 21 domains to perform 70 HTTP transactions. The main IP is 3.93.206.78, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is play.sweepstakesalerts.com. The Cisco Umbrella rank of the primary domain is 394722.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 28th 2023. Valid for: a year.

This is the only time play.sweepstakesalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.199.51.233 91.199.51.233	47544 (IQPL-AS) (IQPL-AS)
3	3.93.206.78 3.93.206.78	14618 (AMAZON-AES) (AMAZON-AES)
12	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
8	18.66.147.124 18.66.147.124	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.52 18.66.112.52	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
5	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
2	169.150.247.33 169.150.247.33	60068 (CDN77 ^_^) (CDN77 ^_^)
3	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1	199.232.194.2 199.232.194.2	54113 (FASTLY) (FASTLY)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	91.228.74.166 91.228.74.166	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	18.66.147.92 18.66.147.92	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.16 178.250.7.16	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2.23.7.9 2.23.7.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
3	3.232.210.215 3.232.210.215	14618 (AMAZON-AES) (AMAZON-AES)
1	35.160.201.66 35.160.201.66	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.30 18.66.97.30	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1 2	35.172.0.175 35.172.0.175	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
70	28

1 91.199.51.233 (Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-233.rev.iq.pl

clicks.swpstrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.93.206.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-206-78.compute-1.amazonaws.com

play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.147.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-124.fra60.r.cloudfront.net

cdn.play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-52.fra56.r.cloudfront.net

cdn.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.247.33 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-33.datapacket.com

sw.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbsw.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.2 (United States)

ASN54113 (FASTLY, US)

media.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-92.fra60.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.16 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.7.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-7-9.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.232.210.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-210-215.compute-1.amazonaws.com

api.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.201.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-201-66.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.0.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-0-175.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 511	40 KB
12	sweepstakesalerts.com play.sweepstakesalerts.com — Cisco Umbrella Rank: 394722 cdn.play.sweepstakesalerts.com — Cisco Umbrella Rank: 722359 cdn.sweepstakesalerts.com — Cisco Umbrella Rank: 442492	338 KB
5	pushy.ai sw.pushy.ai — Cisco Umbrella Rank: 156061 pbsw.pushy.ai — Cisco Umbrella Rank: 43737 api.pushy.ai — Cisco Umbrella Rank: 54811	10 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	115 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 716	116 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 949 trc.taboola.com — Cisco Umbrella Rank: 650 trc-events.taboola.com — Cisco Umbrella Rank: 1937	21 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	714 B
3	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3352 gum.criteo.com — Cisco Umbrella Rank: 407	22 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2948 rp.liadm.com — Cisco Umbrella Rank: 2277	16 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 389	13 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	google.pl www.google.pl — Cisco Umbrella Rank: 13675	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 124	403 B
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 56227 business.newsbreak.com — Cisco Umbrella Rank: 15187	3 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1215 pixel.quantserve.com — Cisco Umbrella Rank: 977	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	179 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 330	475 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1141	1 KB
1	giphy.com media.giphy.com — Cisco Umbrella Rank: 12867	2 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	swpstrack.com 1 redirects clicks.swpstrack.com — Cisco Umbrella Rank: 506297	526 B
70	21

	Domain	Requested by
12	js-agent.newrelic.com	play.sweepstakesalerts.com
8	cdn.play.sweepstakesalerts.com	play.sweepstakesalerts.com cdn.play.sweepstakesalerts.com
5	www.google-analytics.com	play.sweepstakesalerts.com www.google-analytics.com www.googletagmanager.com
4	analytics.tiktok.com	play.sweepstakesalerts.com analytics.tiktok.com
3	api.pushy.ai	play.sweepstakesalerts.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com play.sweepstakesalerts.com
3	fonts.gstatic.com	fonts.googleapis.com
3	play.sweepstakesalerts.com	play.sweepstakesalerts.com
2	trc-events.taboola.com	play.sweepstakesalerts.com
2	rp.liadm.com	1 redirects
2	gum.criteo.com	dynamic.criteo.com gum.criteo.com
2	www.google.pl	play.sweepstakesalerts.com
2	stats.g.doubleclick.net	www.googletagmanager.com play.sweepstakesalerts.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	play.sweepstakesalerts.com www.googletagmanager.com
1	bam.nr-data.net	play.sweepstakesalerts.com
1	pixel.quantserve.com	play.sweepstakesalerts.com
1	www.google.com	play.sweepstakesalerts.com
1	rules.quantcount.com	secure.quantserve.com
1	business.newsbreak.com	static.newsbreak.com
1	trc.taboola.com	cdn.taboola.com
1	static.newsbreak.com	play.sweepstakesalerts.com
1	dynamic.criteo.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	cdn.taboola.com	play.sweepstakesalerts.com
1	secure.quantserve.com	www.googletagmanager.com
1	pbsw.pushy.ai	sw.pushy.ai
1	media.giphy.com	play.sweepstakesalerts.com
1	sw.pushy.ai	play.sweepstakesalerts.com
1	fonts.googleapis.com	cdn.play.sweepstakesalerts.com
1	cdn.sweepstakesalerts.com	play.sweepstakesalerts.com
1	clicks.swpstrack.com	1 redirects
70	32

This site contains no links.

Subject Issuer	Validity	Valid
sweepstakesalerts.com Amazon RSA 2048 M02	`2023-02-28` - `2024-02-13`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn.play.sweepstakesalerts.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-17`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sw.pushy.ai R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-29` - `2023-12-31`	a year	crt.sh
pbsw.pushy.ai R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.pl GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
pushy.ai Amazon RSA 2048 M01	`2023-02-28` - `2023-11-28`	9 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Frame ID: 517E6ECD9930E0E4FB7162DBAA25B751
Requests: 67 HTTP requests in this frame

Frame: https://pbsw.pushy.ai/wps/cross_storage
Frame ID: 6A4486C2F630A4528A10CD39D5AA08AE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag
Frame ID: 509FEE65BA6744E03613776F1D5FCC9C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Claim Your Entry

Page URL History Show full URLs

https://clicks.swpstrack.com/c/cR5/u0_b/h1kOhDY-eh_3n3WdeOk-PQ/W/cTRJv/F/c57c9cf9 HTTP 302
https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Har... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

0 %
IPv6

21
Domains

32
Subdomains

28
IPs

6
Countries

2854 kB
Transfer

4138 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicks.swpstrack.com/c/cR5/u0_b/h1kOhDY-eh_3n3WdeOk-PQ/W/cTRJv/F/c57c9cf9 HTTP 302
https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://rp.liadm.com/j?dtstmp=1687356168883&aid=a-01nn&se=e30&duid=b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv&tna=v2.7.2&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkNsYWltIFlvdXIgRW50cnk8L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj4KICAgICAgICAgICAgICAgICBUaGFuayB5b3UgVG9ueSwgIHlvdXIgZW1haWwgaXMgY29uZmlybWVkCiAgICAgICAgICAgICAgPC9oMT4 HTTP 302
https://rp.liadm.com/j?dtstmp=1687356168883&aid=a-01nn&se=e30&duid=b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv&tna=v2.7.2&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkNsYWltIFlvdXIgRW50cnk8L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj4KICAgICAgICAgICAgICAgICBUaGFuayB5b3UgVG9ueSwgIHlvdXIgZW1haWwgaXMgY29uZmlybWVkCiAgICAgICAgICAgICAgPC9oMT4&n3pc=true

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request welcome-back Show response
play.sweepstakesalerts.com/
Redirect Chain

https://clicks.swpstrack.com/c/cR5/u0_b/h1kOhDY-eh_3n3WdeOk-PQ/W/cTRJv/F/c57c9cf9
https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-e...

70 KB
28 KB

485ms
210ms

Document
text/html

3.93.206.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.206.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-206-78.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8c34184b86f7b29d6235a12fdf8d896ad7f161f7096a72c3bf7b595ec4f00cf8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 14:02:47 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private
content-length: 705
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 14:02:47 GMT
location: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f

GET
H2 200 286.d701d70f-1.234.0.min.js Show response
js-agent.newrelic.com/ 14 KB
6 KB 136ms
43ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/286.d701d70f-1.234.0.min.js

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a80d5777896f0c08dc947f4b293830d47f1ae5b08d36b2bdcc64aadc5b9f574

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Vcn6U3typbqSsrXZgkZXY6aNN5HiRbpB
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: REHF24JJARQBSP72
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5296
x-amz-id-2: rxcrB8NqZtmEGUzejxAH9OsRAgnW5ho2H//Gw702p7bjGD89Oaya+jW1/MRCr2VV+ZYtGdUTOe0=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356168.145435,VS0,VE0
etag: "b1e44ab0984d847862d18be77b230a2e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 721

GET
H2 200 session-manager.9219a813-1.234.0.min.js Show response
js-agent.newrelic.com/ 2 KB
969 B 138ms
45ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.9219a813-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f22ab9123908fe93446fa8948afd411ab7e9b37360d3fd60ce357aa4d6383b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: MGIzurbDvP1ipfBWIOzAmPY_3sfxhP9u
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH28CE1ZFN9QEA1
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 739
x-amz-id-2: pisdhQDoLXEZcJ0qBmFH7UVyLD7ZQZEGQc4Z3YJyMB6mFg3PKFrsFcGoSFvJC4aAWpzYy9HT4MM=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:57 GMT
server: AmazonS3
x-timer: S1687356168.145418,VS0,VE0
etag: "716d33cfb5ed62e20a173f019a30ed20"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 706

GET
H2 200 / Show response
play.sweepstakesalerts.com/members/ 427 B
785 B 139ms
139ms XHR
application/json 3.93.206.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/members/?md5=4bed1cce4c4a072013c8e89362f0af0f

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.206.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-206-78.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

06d0ba56744d506c07770fc74539557305d177957c55e9640cf96661ed8e2487

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
Referer: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: gzip
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4LBlVRVRYSTEFYUhEXC0VSFAM8D1UPWgdKGhgCH1UXUQFVBlBTBQRRVVoABgVdVFUbHAZKRlAHVVFRVlcIVltQDQsDBApHFQdQDUAHOQ==
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
vary: Cookie
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
91 KB 134ms
47ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0c67c709002aa57e46a4951b063d49d65dae29a98165c4cd31d71ae927438c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92253
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:02:48 GMT

GET
H2 200 105209206a72.css
cdn.play.sweepstakesalerts.com/static/css/ 34 KB
8 KB 142ms
46ms Stylesheet
text/css 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/css/105209206a72.css
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05657a0498512274f63e06819f0bc2cccedb4cca2cc6d08e7b034bb2943d97ad

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:52:55 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 17:52:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 418194
etag: "2a7cabd7707d1cc81f1584b68a1a75ec"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7680
x-amz-cf-id: jqjbSSSq6CP8kfJTb610NUeV_GXSHYt4_-G0HLDySnhXFpNcGBrzig==

GET
H2 200 ef38715ec279.js Show response
cdn.play.sweepstakesalerts.com/static/js/ 90 KB
32 KB 149ms
53ms Script
application/javascript 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/ef38715ec279.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33e15c84216491dfd2f3295ce905ab0b66bfc10d01626e4a510e3f6ba03355e0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:52:55 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 17:52:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 418194
etag: "58546fbf8fb93402ca6ffa97ef6919c2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 32371
x-amz-cf-id: HxoZl76Eg757qieAG0XdyDjmsT773ItAaRQe3GdaTc5th_YL8VYE4Q==

GET
H2 200 sa-5k-sweepstakes-B-300x250.png
cdn.sweepstakesalerts.com/images/2018/06/21/ 31 KB
32 KB 149ms
50ms Image
image/png 18.66.112.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sweepstakesalerts.com/images/2018/06/21/sa-5k-sweepstakes-B-300x250.png
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccacce7b8f43e5f26ec58a8645327be29e4600f1c47944a19a712acdc51bf4fd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:13:57 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jun 2018 15:01:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 416932
etag: "0b8950f0b4cd718f9cf2cab440ff18e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 32223
x-amz-cf-id: 7zRe9uwH8q2nkSeJNEkIjNHy0-MNgPEal9VF1VjtQWcsB1__m2BnXA==

GET
H2 200 1b92e3c5dfd0.js Show response
cdn.play.sweepstakesalerts.com/static/js/ 9 KB
3 KB 46ms
44ms Script
application/javascript 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/1b92e3c5dfd0.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46e6b614bdf28054530044130c1003cab249447aa8296b6d6a87bb47b9ac7044

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:52:55 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 17:52:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 418194
etag: "68c15f3f97f4a5b29c001161dedd5f01"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2843
x-amz-cf-id: Vk0WZifErPeR8KZQDSUFyK7rD9ioHMUWJMB4W57vmDVfJ8loEhMFMg==

GET
H2 200 jquery-3.2.1.min.js Show response
cdn.play.sweepstakesalerts.com/static/js/vendor/ 85 KB
30 KB 50ms
49ms Script
application/javascript 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/vendor/jquery-3.2.1.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:02:21 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 446428
etag: "86f82702d05f887a0b39256b8255be8f"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30178
x-amz-cf-id: 0tN2eTEaxbGrqK58go72DeXVDT_NiIrREzltBjr9ijJtkeWvzkoRCg==

GET
H2 200 enquire.min.js Show response
cdn.play.sweepstakesalerts.com/static/js/vendor/ 3 KB
2 KB 44ms
43ms Script
application/javascript 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/vendor/enquire.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfb99dee1e029d51d6cfb672d847929890b1585402de17f5ed092edd72a688b4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 05:04:28 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 550701
etag: "3d8216e282557a62af3482a16e46d92f"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1313
x-amz-cf-id: yJxbWHFxcWT0eu-H1pMZMiIOQBEQ6uDKdMtXkSyn7f7x5tPumGTq2Q==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 139ms
48ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: cdn.play.sweepstakesalerts.com
URL: https://cdn.play.sweepstakesalerts.com/static/css/105209206a72.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cdn.play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 13:32:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 14:02:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
39ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 12:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5246
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Jun 2023 14:35:22 GMT

GET
H2 200 wpsmain.js Show response
sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/ 32 KB
8 KB 151ms
42ms Script
application/javascript 169.150.247.33
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/wpsmain.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.33 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-247-33.datapacket.com

Software

BunnyCDN-DE1-1076 /

Resource Hash

2b176c7b958b22ccb5a1bf038ac04c07d122d3a30ef4e351930cdf3272b0ed4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-cachedat: 05/24/2023 12:48:20
cdn-pullzone: 644701
server: BunnyCDN-DE1-1076
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 13ae11fe-691f-4fee-a846-e4c09c2ae14f
cache-control: public, max-age=2592000
cdn-requestid: 4c0e654af15c866ae69050e645ff4872
cdn-requestcountrycode: PL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg-money-orange-sm.jpg
cdn.play.sweepstakesalerts.com/static/img/ 26 KB
26 KB 48ms
48ms Image
image/jpeg 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/bg-money-orange-sm.jpg
Requested by: Host: cdn.play.sweepstakesalerts.com
URL: https://cdn.play.sweepstakesalerts.com/static/css/105209206a72.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc53e32f3ec0024b31f6ba9c036c338b632b7747062db8088f6349f20d9fb194

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cdn.play.sweepstakesalerts.com/static/css/105209206a72.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 21:07:06 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 492943
etag: "ffbd2856bea9ca446903553f95ce0c65"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 26453
x-amz-cf-id: oPnQ-b4uMnNA3xH8gJdc6I_yvYxK32UwvV5fbUQWf8-2POvkVVn9nA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 137ms
39ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 383541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 03:30:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 146ms
48ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 334713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 177ms
80ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:26:19 GMT
x-content-type-options: nosniff
age: 48989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 00:26:19 GMT

GET
H2 200 bg-money-orange.jpg
cdn.play.sweepstakesalerts.com/static/img/ 164 KB
164 KB 49ms
48ms Image
image/jpeg 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/bg-money-orange.jpg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df56f740d4cddadaaee90c2b03a8c20a31f57bc2ee5db684813eab504a227d41

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 20:54:37 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 148092
etag: "33333f02c61d6968d3ce4d93a970df87"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 167752
x-amz-cf-id: Ax3INgaNVakWxR5zhUS_oTiMEqyF3Kte22FDLOK3eU0rLq8mwUZoew==

GET
H2 200 logo-sweepstakesalerts-white.svg
cdn.play.sweepstakesalerts.com/static/img/ 29 KB
12 KB 108ms
107ms Image
image/svg+xml 18.66.147.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/logo-sweepstakesalerts-white.svg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:12:16 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 129033
etag: "e4a2eb296ca372f408d8900e1adafe1e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11443
x-amz-cf-id: OJ397e7k-zaV0z0wyAOxnXYWAN7rnwIw_LbJBmxrLm0Q4MEG6RzpQA==

GET
H2 200 giphy.gif
media.giphy.com/media/U3qYN8S0j3bpK/ 2 MB
2 MB 145ms
43ms Image
image/gif 199.232.194.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.giphy.com/media/U3qYN8S0j3bpK/giphy.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0397af58b67028636440dca0ba6617f4b9b1bdfb977341520042316d7c1ea4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
strict-transport-security: max-age=15465600
age: 3717864
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1966867
x-served-by: cache-iad-kjyo7100157-IAD, cache-fra-eddf8230070-FRA
last-modified: Thu, 11 May 2017 06:09:36 GMT
x-timer: S1687356169.504452,VS0,VE2
etag: "0b5934b623f3c6f5377f221959d77982"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noai, noimageai
x-cache-hits: 9071, 1

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 120 KB
47 KB 52ms
51ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W6DW6GG&cid=621869158.1687356169

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

bbc1110df5d29b86006bed11ff6cac5a0725ec5e92850230e5a416e51897ad9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47997
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:02:48 GMT

GET
H2 200 cross_storage Show response
pbsw.pushy.ai/wps/ Frame 6A44 2 KB
1 KB 150ms
49ms Document
text/html 169.150.247.33
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://pbsw.pushy.ai/wps/cross_storage
Requested by: Host: sw.pushy.ai
URL: https://sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/wpsmain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.33 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-33.datapacket.com
Software: BunnyCDN-DE1-1076 /
Resource Hash: 815ba892a341bb9a0639bf904e33982c263b80414ead45cd11f7ef1828870a64

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 06/03/2023 09:21:50
cdn-edgestorageid: 1077
cdn-proxyver: 1.03
cdn-pullzone: 644701
cdn-requestcountrycode: PL
cdn-requestid: cb39e63007cf0541a237f07130588f1b
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 13ae11fe-691f-4fee-a846-e4c09c2ae14f
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 14:02:48 GMT
server: BunnyCDN-DE1-1076
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 60ms
59ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dc058f8a7aac64c4b0057f71ac0f40d040edc99c221f2cc06043a61e0aa8e0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 14:02:48 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 120 KB
47 KB 48ms
48ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-W6DW6GG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

ea0b05836be7769383aa9b0231d6b80516c32be1084ea4a28042de707593b90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47760
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:02:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 125ms
64ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 21 Jun 2023 14:02:48 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE1B1D5A6D434E23AACFB3619EE5225B Ref B: WAW01EDGE0922 Ref C: 2023-06-21T14:02:48Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 147ms
53ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 14:02:48 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1163270/ 58 KB
18 KB 131ms
44ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13cd0737ec0933d192a2579e03a8f18a7af6b8cd7b98ddf721a70529702b186e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: vsnWNxm8USgSvNW26PXIyVhIJyrOy4p.
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:48 GMT
x-amz-request-id: 2C8D8JZ1XNMF4Y49
age: 66
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18353
x-amz-id-2: +aEX7TLUxcXFQiE2IWjAZ9/TZVM/MD6sXUJ+g5z14BAwNxtlx/z6B7kD9dbxMwBkB3tdu/LJOF8=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Sun, 18 Jun 2023 11:18:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687356169.681995,VS0,VE1
etag: "bd5f9583d92d935fce49d74480bb9c73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 a-01nn.min.js Show response
b-code.liadm.com/ 42 KB
15 KB 144ms
54ms Script
application/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01nn.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: /
Resource Hash: 53c20cf9b319c6eda8c8d75111fe74f2e3dd787f95f30601b2b151340cdd4078

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 06:35:29 GMT
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 26839
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: fbRExFyYiRRmpr6vSFXyfo7pwiURndgZhKiIH6v4IfAHiPFdv2Pdqw==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
15 KB 210ms
104ms Script
application/javascript 178.250.7.16
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=84770

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.16 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c53e3dff890c1bf445a3f8547a966be797de84c676e7d996f6c84112ab88feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 249ms
146ms Script
application/javascript 2.23.7.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBCSD5RC77U5BM7P156G&lib=ttq
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b7445293280ba396741a88f00e1690d4f620444089caa2272c800eb305d04ab9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 4bfaa89.23e9953
date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-7-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 95,2.23.7.5
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=12, inner; dur=3
content-length: 1624
pragma: no-cache
server: nginx
x-tt-logid: 2023062114024871265F8D9F1B7575516F
x-cache-remote: TCP_MISS from a23-59-250-37.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.59.250.37
x-tt-trace-host: 0129fd5f83dec61942934e20917e21c09b222515ab02f9dd746ba43bcaf17a3bcdd3c209591351ce721e238b35b6a25ce9f300100c63eed271fd4bc603737f4e5485960f2252c59293c1076b4bb8362ecc5f265162d2bbc53af4f7981919f7056b61e95a16e71b4539c77e3538da4b7656
expires: Wed, 21 Jun 2023 14:02:48 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 142ms
45ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1687392000000
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
date: Wed, 21 Jun 2023 07:47:16 GMT
x-amz-cf-pop: FRA60-P3
age: 22567
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: K9tvaZo1FCgQgvwil2418q0VpTKSrEnvMYURp_Eg1uuE8McSKYvSGw==

GET
H2 200 / Show response
play.sweepstakesalerts.com/session/ 0
534 B 144ms
143ms XHR
text/html 3.93.206.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/session/?ga_client_id=621869158.1687356169

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.206.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-206-78.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
Referer: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
X-Requested-With: XMLHttpRequest
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:48 GMT
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4AFlZdVQgSTEFYUhEXC0VSFAM8EVURSwtXVhYeA0kJTwFRBFBWAwdSUFUKAgBdUlUCHRpXSBMHUFdQB1UJWllSAQAAVlABG01XAF8RAWs=
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
47ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=316989810&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&ul=en-us&de=UTF-8&dt=Claim%20Your%20Entry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEADQAAAACAAI~&jid=2019552057&gjid=971171259&cid=621869158.1687356169&tid=UA-46324972-3&_gid=253070805.1687356169&_r=1&_slc=1&gtm=45He36e2n81P7FW2V8&cd3=298&cd4=&cd7=laredopetro.com&cd8=4bed1cce4c4a072013c8e89362f0af0f&cd11=72237&cd12=115820&cd13=23965954&z=358627129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 115ms
45ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q9WRQ78FTS&gtm=45je36e2&_p=316989810&_gaz=1&cid=621869158.1687356169&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687356168&sct=1&seg=0&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&dt=Claim%20Your%20Entry&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 140ms
46ms Ping
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q9WRQ78FTS&cid=621869158.1687356169&gtm=45je36e2&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
408 B 159ms
72ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q9WRQ78FTS&cid=621869158.1687356169&gtm=45je36e2&aip=1&z=85793235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 139ms
47ms XHR
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46324972-3&cid=621869158.1687356169&jid=2019552057&gjid=971171259&_gid=253070805.1687356169&_u=aHDAAEACQAAAACAAI~&z=1563543096

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

a6289d9cd6ab88d70ba405980f406b61aad967a7323e9e1d744f28afdadcc317

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Jun 2023 14:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rl Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
129 B 428ms
141ms Fetch
application/json 3.232.210.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/rl

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.210.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-210-215.compute-1.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:02:49 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H2 204 26042910.js Show response
bat.bing.com/p/action/ 0
118 B 172ms
169ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26042910.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 21 Jun 2023 14:02:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B62D1691026C4351BE5D96DBA0005C33 Ref B: WAW01EDGE0922 Ref C: 2023-06-21T14:02:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 64ms
63ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26042910&tm=gtm002&Ver=2&mid=e170fd56-c855-47b4-9398-543ecd93958c&sid=4df805f0103c11ee983a75100d2e80c9&vid=4df81690103c11eea902817f46030410&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Claim%20Your%20Entry&p=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&r=&lt=1185&evt=pageLoad&sv=1&rn=97020

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 14:02:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5BF33BEABBC4874912B432A0BC23F4F Ref B: WAW01EDGE0922 Ref C: 2023-06-21T14:02:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1163270/trc/3/ 2 KB
2 KB 74ms
64ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1163270/trc/3/json?tim=1687356168736&data=%7B%22id%22%3A331%2C%22ii%22%3A%22%2Fwelcome-back%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1687356168728%2C%22cv%22%3A%2220230618-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbuzzery-sweepstakes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1687356168735%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 94bc81376b4134a1455bf5d7ff03214bea56639e7b3a4ad21558e61dc5e5a386

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7612
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230063-FRA
server: nginx
x-timer: S1687356169.765412,VS0,VE22
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 584ms
195ms Ping
application/json 35.160.201.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1561851096954953730&uid=1-iivxkre0-lj5saof9&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&rl=&ts=1687356168579&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Claim%20Your%20Entry&bn=Chrome%20114&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&tz=0&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_content=&utm_campaign=transactional&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1687392000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.201.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-201-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rules-p-KgfKnLKEydhQX.js Show response
rules.quantcount.com/ 663 B
1 KB 133ms
44ms Script
application/javascript 18.66.97.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-KgfKnLKEydhQX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:35:45 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1656
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 663
last-modified: Wed, 09 Oct 2019 21:46:18 GMT
server: AmazonS3
etag: "24bfe90597a01d37400814a2e514eed3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: vfO5vrTqj2jjcOBOjy7SwaG0WI-gItLWovhHBeNQGJQRJ4Dc_yXm2Q==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 509F 15 KB
6 KB 133ms
46ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=84770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:02:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 245991
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 main.MWE4ZjFkYTAyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 310 KB
83 KB 51ms
50ms Script
application/javascript 2.23.7.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBCSD5RC77U5BM7P156G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a755080ac27c65d216be0aa2a896fb5d2612f2695f6cee15b4d241944c9eebc2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 23e9be3
date: Wed, 21 Jun 2023 14:02:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306151209127860F31BF7A752FD4F3A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-7-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0132a43302c15cd5ab3966668c26b9c1cad567d821d5a8eeeae53d867a76fd1ee213540f08ac87e12aa560bd90c5ed206c80fe3b1c52fbd11ae3feab343beda57ecb00add2b5eca72cd99b8f87d7bbfb6392853cbfecbfb92fd62fa621877ee01c
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 84138

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 150ms
63ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46324972-3&cid=621869158.1687356169&jid=2019552057&_u=aHDAAEACQAAAACAAI~&z=1942219309

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
107 B 66ms
65ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46324972-3&cid=621869158.1687356169&jid=2019552057&_u=aHDAAEACQAAAACAAI~&z=1942219309

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1687356168883&aid=a-01nn&se=e30&duid=b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv&tna=v2.7.2&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harg...
https://rp.liadm.com/j?dtstmp=1687356168883&aid=a-01nn&se=e30&duid=b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv&tna=v2.7.2&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harg...

13 B
572 B

129ms
129ms

XHR
application/json

35.172.0.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp.liadm.com/j?dtstmp=1687356168883&aid=a-01nn&se=e30&duid=b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv&tna=v2.7.2&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkNsYWltIFlvdXIgRW50cnk8L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj4KICAgICAgICAgICAgICAgICBUaGFuayB5b3UgVG9ueSwgIHlvdXIgZW1haWwgaXMgY29uZmlybWVkCiAgICAgICAgICAgICAgPC9oMT4&n3pc=true

Protocol

Server

35.172.0.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-172-0-175.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:02:49 GMT
x-pixel-event-id: 27e3db03-2272-48d1-ad5a-f5bf77b8ea3f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: https://play.sweepstakesalerts.com
access-control-allow-credentials: true
trace-id: 3f9624a2e9421d76
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: /j?dtstmp=1687356168883&aid=a-01nn&se=e30&duid=b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv&tna=v2.7.2&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkNsYWltIFlvdXIgRW50cnk8L3RpdGxlPjxoMSBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj4KICAgICAgICAgICAgICAgICBUaGFuayB5b3UgVG9ueSwgIHlvdXIgZW1haWwgaXMgY29uZmlybWVkCiAgICAgICAgICAgICAgPC9oMT4&n3pc=true
access-control-allow-origin: https://play.sweepstakesalerts.com
request-time: 0
access-control-allow-credentials: true
trace-id: b7e8f69e6a5d2722
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 pixel;r=635284460;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%...
pixel.quantserve.com/ 35 B
371 B 47ms
46ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=635284460;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f;uht=2;fpan=1;fpa=P0-1612894461-1687356168752;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=sweepstakesalerts.com;dst=0;et=1687356168888;tzo=0;ogl=;ses=0a1a3d55-f51e-4818-bb17-06001357af21;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 509F 452 B
579 B 55ms
54ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27784257e0c9c3c9a3e609b356f890dff493fd113e84a7c29537f5c986f1ea73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2899630
expires: 0

GET
H2 200 identify_f7fa8.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 52ms
52ms Script
application/javascript 2.23.7.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_f7fa8.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 23e9e80
date: Wed, 21 Jun 2023 14:02:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306151209137860F31BF7A752FD4F51
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-7-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0132a43302c15cd5ab3966668c26b9c1cad567d821d5a8eeeae53d867a76fd1ee213540f08ac87e12aa560bd90c5ed206c69a238d6f08ad2d764c0b008f14e418c8e73d7d89bff553ac6daeb1fb8a23a944b9c0e98d50ca03444963bdd3703d498
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=9
content-length: 30827

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
683 B 178ms
177ms Ping
text/plain 2.23.7.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-9.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ea170ec.23e9faf
date: Wed, 21 Jun 2023 14:02:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-7-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 123,2.23.7.5
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=42, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230621140249F3367634C3250B59F750
x-cache-remote: TCP_MISS from a23-59-250-86.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.59.250.86
x-tt-trace-host: 0129fd5f83dec61942934e20917e21c09b222515ab02f9dd746ba43bcaf17a3bcd2190c6e55e3e2168779fb8a36d4511f6c30ad34aac37ea033a1d868239a56c5e11b11f871874701f49672efc1952fd4a21be5f629fc693a862e36954b7db1b87287fa1da57e9ff26f236534a7a9096ef
expires: Wed, 21 Jun 2023 14:02:49 GMT

GET
H2 200 async-api.bbe52263-1.234.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 42ms
41ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.bbe52263-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74544526b2a63982548fc5a3de7332d85b2499d92e6de73b3ac714e1bec64fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 5JUNij.UqmPYEOIh2vXTMtJBUZ0ylOco
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH0V0W69TQ8D6YM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1415
x-amz-id-2: 5uxhChbLGb6WiVUQzyLJVSxkHvds4ZtUXq0fTGk0kZa2gMDn7PqhGRQIiZ/N6ya5OlzFnAYZwB0=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356169.092219,VS0,VE0
etag: "ec076ec1cc1fedc51316766a8d45ecac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 835

GET
H2 200 lazy-feature-loader.fe5af5d1-1.234.0.min.js Show response
js-agent.newrelic.com/ 1021 B
859 B 42ms
42ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.fe5af5d1-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66db1d8dc6fe0a1b99a135a35cd6ed9aa5e7caa770fe9fc34f9604f8251f6c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Sxc7HMPYCIoYHHigFe5W5f3NUxhRjf3V
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH0AFZ0A5CB5V38
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 434
x-amz-id-2: Dh3Xth+VuIcuD9VMy3tx4NVRzYsq1toXOnqLH/rK1IU8FhVS5qMfYlLeH+Wwh637ONZNpeIvbwM=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356169.093911,VS0,VE0
etag: "fa750ec7d370548919b723942d638949"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 842

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 48ms
47ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q9WRQ78FTS&gtm=45je36e2&_p=316989810&cid=621869158.1687356169&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1687356168&sct=1&seg=0&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&dt=Claim%20Your%20Entry&en=scroll&epn.percent_scrolled=90&_et=17
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9WRQ78FTS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:02:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 646.c6971123-1.234.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 42ms
42ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/646.c6971123-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4749229e53b3d79c10eaebb0677aabd174fdb6f4c8d16a23797cf6edd00ed7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: KKCQyIn67nD8Ej9RYgdSUl6skd68wGM3
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH5ZVDXRVR20T0E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3228
x-amz-id-2: Kj3WvjpfElMSUDEHsiGcNs0W4LXDx843Zk3Ei4BDx8RRfArAPP7MBv9+mcD8Qr2Ptm6aD7urjDo=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356169.137536,VS0,VE0
etag: "1a207159e814175fd08a8dd0e8e99395"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 818

GET
H2 200 page_view_event-aggregate.e157f7ce-1.234.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 44ms
44ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.e157f7ce-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

17f965adf68bf2c2864792c84e44933340f5063bff42052fa6b7b261ae5788aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: xB10YLAinI4VcsmtWPQLkL82yyChDw8h
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REHD71WK4DN9KTDS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4112
x-amz-id-2: b26ZJLD2dBRI43U0xkhBtadTN8pipvtHhfFXh3RUiI+/cia89q//6mTul7sD0k3oM87utwUZBEE=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:57 GMT
server: AmazonS3
x-timer: S1687356169.138179,VS0,VE0
etag: "76dc5e1ac46bc2e919a1a576ad78ebf0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 822

GET
H2 200 page_view_timing-aggregate.ad791b05-1.234.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 43ms
43ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ad791b05-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b87e0f78bb0fe82aa1d35de5bd500d2cf66e28ad2b249267d0276231e6a515b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD0wziwaR080IEjFP9Vw5xusku3OpJis
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REHFJ625R5XRH6PQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5618
x-amz-id-2: XDMiOuDPbbSXud/UK+lUSUgnge4RlQS5mew31FigRA2Shn1BBSSuTcl380/0S9MJhwvAzRojm7A=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:57 GMT
server: AmazonS3
x-timer: S1687356169.138218,VS0,VE0
etag: "8ee84e91af01c0b4903a91e11030600a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 816

GET
H2 200 metrics-aggregate.75d6a08d-1.234.0.min.js Show response
js-agent.newrelic.com/ 9 KB
3 KB 49ms
49ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.75d6a08d-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8875645e7eee7c97850cf563bec0c75a942592af2a4ad3b9a89eb2c9874c9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: mCqBO3coU8D3_FKfMj3BO1j86s_MNe9d
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH74H1VADG9FVVR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3129
x-amz-id-2: LOn3WnXRxId7fqrGzlETjTfYX8C+wltb+zpziCBxMPiH2/Ym7GNE+HWUwkyQbVEH3Uvuf53V+MU=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356169.138341,VS0,VE0
etag: "ba2f72ad6d27a913a4fc12ed40919753"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 813

GET
H2 200 jserrors-aggregate.8c74e315-1.234.0.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 50ms
50ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.8c74e315-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2d5fab947ab4085a7b8673877f3f4615f7b495e0f0f6c91a71f22977b2d23ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: u060NqhBdUjyhVsOTlmI_Zbs2ogEQdZp
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH9NZ528E78Y52R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3765
x-amz-id-2: oBNPPLQ5wdf3QQL6oPgRq7eNL8g8oOz4yFU6Y1GYQSBJIQsjf4sh/oRYLD3QNc6RMWet5Na/omU=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356169.138504,VS0,VE0
etag: "66d41b1724890e2ae7ad3229fa31a555"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 651

GET
H2 200 ajax-aggregate.716f46cf-1.234.0.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 53ms
53ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.716f46cf-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

89d209be0a2c3c47bb6829f0f7b9770a23bbb96b9145ea8611ad731962909e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: MG0EWfXpjMJDqll7KGHtzkEl5e_Pyo76
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REHB7DB2ZEKKGSQA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3242
x-amz-id-2: DPpfMczKM/yqYhNj8HwOub+b9lRdpziOVYGQZv5J3/Hf3lUht1TCEQ4BMPY9CFeBRqm9OXOG5Q4=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:56 GMT
server: AmazonS3
x-timer: S1687356169.138822,VS0,VE0
etag: "249814b2e96f82632a081b2a4a12afb9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 646

GET
H2 200 session_trace-aggregate.715c3096-1.234.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 54ms
54ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.715c3096-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb515261d100969556d599604c099be5ff928293f94b179b17fb1dc031d035cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: jEhlbdYLZ.k_XGs5YPOOU2.nnGVscbnG
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH1MS3ABM2DNDDQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4077
x-amz-id-2: rsnwH8+NtiE8pPFQkLI0qinhxCHOvU/ZVAsW/aRadZCkax4uX9t3UjpVNt4TdQpxG3PZ68ng00Y=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:57 GMT
server: AmazonS3
x-timer: S1687356169.139026,VS0,VE0
etag: "d28ca9e84efa6373425d50ed97873506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 647

GET
H2 200 page_action-aggregate.e03e2220-1.234.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 56ms
56ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.e03e2220-1.234.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

87183aab47e5a04f75574835a7570e1a32221d0a830c2f59ebcdb8ae09d9fe1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: aAMdi2MnrkMeg35VN3RuVCcpOp855iUE
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 14:02:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH3RX6A4JYPR9WH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2098
x-amz-id-2: cA+x1RR90emQWyOSjUMyuqoW8ONImZjBO7og1Ztqz1ZNQGs3L+1+bb1xGNaibLBpX6uxndZVfKw=
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Tue, 06 Jun 2023 18:32:57 GMT
server: AmazonS3
x-timer: S1687356169.139111,VS0,VE0
etag: "a94615ba1ab698a85ee2981070be0b7d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 647

POST
H/1.1 200
OK cf1f842459 Show response
bam.nr-data.net/1/ 40 B
475 B 299ms
202ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf1f842459?a=78107916&v=1.234.0&to=Y1ZQYkRTW0BRWkRQWFocdENYUUFaX1cfTlJWQFtCUxxDWlVOQwNUVUdRXmlTWV9vTEJVRA%3D%3D&rst=1971&ck=0&s=51e8b9bf6b7c1ad5&ref=https://play.sweepstakesalerts.com/welcome-back&af=err,xhr,stn,ins&ap=75&be=641&fe=1235&dc=543&perf=%7B%22timing%22:%7B%22of%22:1687356167202,%22n%22:0,%22f%22:156,%22dn%22:158,%22dne%22:158,%22c%22:158,%22s%22:291,%22ce%22:431,%22rq%22:432,%22rp%22:641,%22rpe%22:776,%22di%22:1184,%22ds%22:1184,%22de%22:1185,%22dc%22:1874,%22l%22:1874,%22le%22:1877%7D,%22navigation%22:%7B%7D%7D&fp=1189&fcp=1464
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Jun 2023 14:02:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://play.sweepstakesalerts.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7dacca9a0def3576-WAW
Content-Length: 40

POST
H2 200 p Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
128 B 143ms
142ms Fetch
application/json 3.232.210.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/p

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.210.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-210-215.compute-1.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:02:49 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

POST
H2 200 pc Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
128 B 143ms
143ms Fetch
application/json 3.232.210.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/pc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.210.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-210-215.compute-1.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:02:49 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=316989810&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&ul=en-us&de=UTF-8&dt=Claim%20Your%20Entry&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=See%20Push%20Optin&_u=aHDAAEADQAAAACAAI~&jid=&gjid=&cid=621869158.1687356169&tid=UA-46324972-3&_gid=253070805.1687356169&gtm=45He36e2n81P7FW2V8&cd3=298&cd4=&cd7=laredopetro.com&cd8=4bed1cce4c4a072013c8e89362f0af0f&cd11=72237&cd12=115820&cd13=23965954&z=1026362640

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 00:30:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48714
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
254 B 138ms
45ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=1576&scd=0&ssd=1&est=1687356168732&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1687356170308&vi=1687356168728&ri=c35455fe8a4fac6506dc49fc3268149d&ref=null&cv=20230618-2-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&ler=other
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Wed, 21 Jun 2023 14:02:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
253 B 46ms
45ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=4580&scd=0&ssd=1&est=1687356168732&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1687356173313&vi=1687356168728&ri=c35455fe8a4fac6506dc49fc3268149d&ref=null&cv=20230618-2-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fwelcome-back%3Femail%3Dtony.harger%2540laredopetro.com%26firstname%3DTony%26lastname%3DHarger%26e%3D4bed1cce4c4a072013c8e89362f0af0f%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-WhatIf-1145-5k%26utm_campaign%3Dtransactional%26affid%3D1659%26campaignid%3D10199%26message_id%3D72237%26message_version_id%3D115820%26source%3DOther%26adgroup_id%3D1159%26age%3D%26gender%3D%26aff_sub%3D1159%26aff_sub2%3D72237%26aff_sub3%3D2027%26aff_sub4%3D%26aff_sub5%3D115820%26aff_unique3%3D10199%26aff_unique5%3D4bed1cce4c4a072013c8e89362f0af0f&ler=other
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/welcome-back?email=tony.harger%40laredopetro.com&firstname=Tony&lastname=Harger&e=4bed1cce4c4a072013c8e89362f0af0f&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-WhatIf-1145-5k&utm_campaign=transactional&affid=1659&campaignid=10199&message_id=72237&message_version_id=115820&source=Other&adgroup_id=1159&age=&gender=&aff_sub=1159&aff_sub2=72237&aff_sub3=2027&aff_sub4=&aff_sub5=115820&aff_unique3=10199&aff_unique5=4bed1cce4c4a072013c8e89362f0af0f
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Wed, 21 Jun 2023 14:02:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clicks.swpstrack.com/	1969-12-31 23:59:59	Name: TEMP_DATA Value: 7a2b4e41-211f-44f0-9b3e-11c1a87f3bcf
clicks.swpstrack.com/	1969-12-31 23:59:59	Name: esg1 Value: cR5/u0_b/h1kOhDY-eh_3n3WdeOk-PQ/W/cTRJv/F/b6d8ca61
play.sweepstakesalerts.com/	1970-01-20 13:02:45	Name: sessionid Value: eto8wlnxr5rij92pnh86tszmg92fk29t
.sweepstakesalerts.com/	1970-01-20 12:44:02	Name: _gid Value: GA1.2.253070805.1687356169
.sweepstakesalerts.com/	1970-01-20 14:52:12	Name: _gcl_au Value: 1.1.1864151924.1687356169
.sweepstakesalerts.com/	1970-01-20 12:42:36	Name: _gat_UA-46324972-3 Value: 1
.sweepstakesalerts.com/	1970-01-20 12:44:02	Name: _uetsid Value: 4df805f0103c11ee983a75100d2e80c9
.sweepstakesalerts.com/	1970-01-20 22:04:12	Name: _uetvid Value: 4df81690103c11eea902817f46030410
.sweepstakesalerts.com/	1970-01-20 22:18:36	Name: __nbpix_uid Value: 1-iivxkre0-lj5saof9
.sweepstakesalerts.com/	1969-12-31 23:59:59	Name: __nbpix_utm Value: {"utm_source":"sweepstakesalerts","utm_medium":"email-es","utm_term":"ONSITE-WhatIf-1145-5k","utm_campaign":"transactional"}
.sweepstakesalerts.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .sweepstakesalerts.com
.sweepstakesalerts.com/	1970-01-20 22:18:36	Name: _lc2_fpi Value: b5db4fe28af0--01h3f47phswdm4dysbtt0nghwv
.bing.com/	1970-01-20 22:04:12	Name: MUID Value: 2C957172D05B628A29296245D173637A
.tiktok.com/	1970-01-20 22:04:12	Name: _ttp Value: 2RWBtCQ49n5OOZoYzNeok5HNtCl
.quantserve.com/	1970-01-20 22:12:50	Name: mc Value: 64930308-ddaac-ce1b3-99024
.sweepstakesalerts.com/	1970-01-20 22:07:04	Name: __qca Value: P0-1612894461-1687356168752
.criteo.com/	1970-01-20 22:04:12	Name: uid Value: 56487913-e182-4652-afa1-0186da42b0b7
.sweepstakesalerts.com/	1970-01-20 22:04:12	Name: _tt_enable_cookie Value: 1
.sweepstakesalerts.com/	1970-01-20 22:04:12	Name: _ttp Value: Jwgs7QqhUjDo3eskqvLIcDJwUd5
.sweepstakesalerts.com/	1970-01-20 22:12:00	Name: cto_bundle Value: Xr_oY19FZUY3Q2NBeFMyVU85VHphWGNUTWJaeTV3YzJHU09FZTBQMmRzQjNIbzFKejh1Z21acTg0dTRMNnJHbFRvSVVuVlo5T0cxbmFvRzhtbXMlMkYlMkJndFJHaU43ZjFLbkhmJTJGNFdEcnYxVXNBS0VWNzdjekxGaGd2bGxhY0prb0RXTjNvR2R3U1JuSmZkeHJhV2NwZWpuaVR2bldkNlR3RGFFNzBLQUQ0eXlZVmFMSnclM0Q
.liadm.com/	1970-01-20 22:18:36	Name: lidid Value: 7dac47a9-02e9-47ee-8ad3-b74e50a967b3
.sweepstakesalerts.com/	1970-01-20 22:18:36	Name: _ga Value: GA1.2.621869158.1687356169
.sweepstakesalerts.com/	1970-01-20 22:18:36	Name: _ga_Q9WRQ78FTS Value: GS1.1.1687356168.1.0.1687356169.59.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.pushy.ai
b-code.liadm.com
bam.nr-data.net
bat.bing.com
business.newsbreak.com
cdn.play.sweepstakesalerts.com
cdn.sweepstakesalerts.com
cdn.taboola.com
clicks.swpstrack.com
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
js-agent.newrelic.com
media.giphy.com
pbsw.pushy.ai
pixel.quantserve.com
play.sweepstakesalerts.com
region1.analytics.google.com
rp.liadm.com
rules.quantcount.com
secure.quantserve.com
static.newsbreak.com
stats.g.doubleclick.net
sw.pushy.ai
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.google.com
www.google.pl
www.googletagmanager.com
13.107.21.200
13.32.99.21
141.226.228.48
142.250.181.238
142.250.184.234
142.250.185.163
142.250.185.196
142.250.186.136
151.101.193.44
151.101.194.137
162.247.241.14
169.150.247.33
172.217.23.99
173.194.76.157
178.250.1.11
178.250.7.16
18.66.112.52
18.66.147.124
18.66.147.92
18.66.97.30
199.232.194.2
2.23.7.9
216.239.32.36
3.232.210.215
3.93.206.78
35.160.201.66
35.172.0.175
91.199.51.233
91.228.74.166
0397af58b67028636440dca0ba6617f4b9b1bdfb977341520042316d7c1ea4f6
05657a0498512274f63e06819f0bc2cccedb4cca2cc6d08e7b034bb2943d97ad
06d0ba56744d506c07770fc74539557305d177957c55e9640cf96661ed8e2487
0b87e0f78bb0fe82aa1d35de5bd500d2cf66e28ad2b249267d0276231e6a515b
0c67c709002aa57e46a4951b063d49d65dae29a98165c4cd31d71ae927438c82
13cd0737ec0933d192a2579e03a8f18a7af6b8cd7b98ddf721a70529702b186e
17f965adf68bf2c2864792c84e44933340f5063bff42052fa6b7b261ae5788aa
1c53e3dff890c1bf445a3f8547a966be797de84c676e7d996f6c84112ab88feb
244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b
27784257e0c9c3c9a3e609b356f890dff493fd113e84a7c29537f5c986f1ea73
2b176c7b958b22ccb5a1bf038ac04c07d122d3a30ef4e351930cdf3272b0ed4e
2d5fab947ab4085a7b8673877f3f4615f7b495e0f0f6c91a71f22977b2d23ade
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
33e15c84216491dfd2f3295ce905ab0b66bfc10d01626e4a510e3f6ba03355e0
3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46e6b614bdf28054530044130c1003cab249447aa8296b6d6a87bb47b9ac7044
4749229e53b3d79c10eaebb0677aabd174fdb6f4c8d16a23797cf6edd00ed7ed
53c20cf9b319c6eda8c8d75111fe74f2e3dd787f95f30601b2b151340cdd4078
5a80d5777896f0c08dc947f4b293830d47f1ae5b08d36b2bdcc64aadc5b9f574
66db1d8dc6fe0a1b99a135a35cd6ed9aa5e7caa770fe9fc34f9604f8251f6c0a
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
74544526b2a63982548fc5a3de7332d85b2499d92e6de73b3ac714e1bec64fd4
815ba892a341bb9a0639bf904e33982c263b80414ead45cd11f7ef1828870a64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87183aab47e5a04f75574835a7570e1a32221d0a830c2f59ebcdb8ae09d9fe1b
89d209be0a2c3c47bb6829f0f7b9770a23bbb96b9145ea8611ad731962909e77
8c34184b86f7b29d6235a12fdf8d896ad7f161f7096a72c3bf7b595ec4f00cf8
94bc81376b4134a1455bf5d7ff03214bea56639e7b3a4ad21558e61dc5e5a386
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9f22ab9123908fe93446fa8948afd411ab7e9b37360d3fd60ce357aa4d6383b7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6289d9cd6ab88d70ba405980f406b61aad967a7323e9e1d744f28afdadcc317
a755080ac27c65d216be0aa2a896fb5d2612f2695f6cee15b4d241944c9eebc2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7445293280ba396741a88f00e1690d4f620444089caa2272c800eb305d04ab9
b8875645e7eee7c97850cf563bec0c75a942592af2a4ad3b9a89eb2c9874c9dc
bbc1110df5d29b86006bed11ff6cac5a0725ec5e92850230e5a416e51897ad9d
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
cb515261d100969556d599604c099be5ff928293f94b179b17fb1dc031d035cc
cc53e32f3ec0024b31f6ba9c036c338b632b7747062db8088f6349f20d9fb194
ccacce7b8f43e5f26ec58a8645327be29e4600f1c47944a19a712acdc51bf4fd
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
dc058f8a7aac64c4b0057f71ac0f40d040edc99c221f2cc06043a61e0aa8e0a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df56f740d4cddadaaee90c2b03a8c20a31f57bc2ee5db684813eab504a227d41
dfb99dee1e029d51d6cfb672d847929890b1585402de17f5ed092edd72a688b4
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0b05836be7769383aa9b0231d6b80516c32be1084ea4a28042de707593b90c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

play.sweepstakesalerts.com Open in urlscan Pro 3.93.206.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

0 %IPv6

21 Domains

32 Subdomains

28 IPs

6 Countries

2854 kBTransfer

4138 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

play.sweepstakesalerts.com Open in urlscan Pro
3.93.206.78 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

0 %
IPv6

21
Domains

32
Subdomains

28
IPs

6
Countries

2854 kB
Transfer

4138 kB
Size

23
Cookies

70 HTTP transactions
0 data transactions