play.sweepstakesalerts.com Open in urlscan Pro
54.196.71.180 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e...
Submission: On July 17 via manual (July 17th 2022, 12:53:37 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 20 domains to perform 64 HTTP transactions. The main IP is 54.196.71.180, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is play.sweepstakesalerts.com. The Cisco Umbrella rank of the primary domain is 353078.
TLS certificate: Issued by Amazon on February 14th 2022. Valid for: a year.

This is the only time play.sweepstakesalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	54.196.71.180 54.196.71.180	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	18.64.103.108 18.64.103.108	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.125 108.138.36.125	16509 (AMAZON-02) (AMAZON-02)
2	89.187.169.3 89.187.169.3	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:223... 2600:9000:223f:6400:5:c56e:3a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:1e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:7000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b130:4c96:5596:18cd:cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.19.116 107.21.19.116	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:136... 2600:1f18:136:3d02:96b6:d1f5:a685:cf27	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:2133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
64	30

3 54.196.71.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-71-180.compute-1.amazonaws.com

play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.64.103.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-108.txl50.r.cloudfront.net

cdn.play.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-125.muc50.r.cloudfront.net

cdn.sweepstakesalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com

sw.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbsw.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6400:5:c56e:3a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

potatojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4c96:5596:18cd:cf5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.19.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-116.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:136:3d02:96b6:d1f5:a685:cf27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.pushy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2133 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gstatic.com fonts.gstatic.com www.gstatic.com	409 KB
10	sweepstakesalerts.com play.sweepstakesalerts.com — Cisco Umbrella Rank: 353078 cdn.play.sweepstakesalerts.com — Cisco Umbrella Rank: 580862 cdn.sweepstakesalerts.com — Cisco Umbrella Rank: 456504	416 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 600 c.clarity.ms — Cisco Umbrella Rank: 1163 k.clarity.ms — Cisco Umbrella Rank: 6012	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	64 KB
5	pushy.ai sw.pushy.ai — Cisco Umbrella Rank: 119152 pbsw.pushy.ai — Cisco Umbrella Rank: 62709 api.pushy.ai — Cisco Umbrella Rank: 21452	9 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4345 gum.criteo.com — Cisco Umbrella Rank: 410 mug.criteo.com — Cisco Umbrella Rank: 2434	22 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 trc.taboola.com — Cisco Umbrella Rank: 702 trc-events.taboola.com — Cisco Umbrella Rank: 1612	19 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 398 c.bing.com — Cisco Umbrella Rank: 235	13 KB
4	google.com www.google.com — Cisco Umbrella Rank: 17	23 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3802 rp.liadm.com — Cisco Umbrella Rank: 2631 rp4.liadm.com — Cisco Umbrella Rank: 9695	12 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1149 pixel.quantserve.com — Cisco Umbrella Rank: 489	10 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 305	715 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 477	14 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4915	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138	449 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1093	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	5 KB
1	potatojs.com potatojs.com — Cisco Umbrella Rank: 872575	86 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	76 KB
64	20

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google-analytics.com	www.googletagmanager.com play.sweepstakesalerts.com
5	cdn.play.sweepstakesalerts.com	play.sweepstakesalerts.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	play.sweepstakesalerts.com www.gstatic.com www.google.com
3	k.clarity.ms	play.sweepstakesalerts.com
3	api.pushy.ai	play.sweepstakesalerts.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com play.sweepstakesalerts.com
3	play.sweepstakesalerts.com	play.sweepstakesalerts.com
2	trc-events.taboola.com	play.sweepstakesalerts.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	cdn.sweepstakesalerts.com	play.sweepstakesalerts.com
1	bam.nr-data.net	js-agent.newrelic.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	play.sweepstakesalerts.com
1	pixel.quantserve.com	play.sweepstakesalerts.com
1	www.google.de	play.sweepstakesalerts.com
1	mug.criteo.com	play.sweepstakesalerts.com
1	stats.g.doubleclick.net	play.sweepstakesalerts.com
1	rp4.liadm.com	play.sweepstakesalerts.com
1	rp.liadm.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	trc.taboola.com	cdn.taboola.com
1	pbsw.pushy.ai	sw.pushy.ai
1	dynamic.criteo.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	cdn.taboola.com	play.sweepstakesalerts.com
1	secure.quantserve.com	www.googletagmanager.com
1	fonts.googleapis.com	cdn.play.sweepstakesalerts.com
1	cdnjs.cloudflare.com	play.sweepstakesalerts.com
1	potatojs.com	play.sweepstakesalerts.com
1	sw.pushy.ai	play.sweepstakesalerts.com
1	www.googletagmanager.com	play.sweepstakesalerts.com
64	35

This site contains no links.

Subject Issuer	Validity	Valid
sweepstakesalerts.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
cdn.play.sweepstakesalerts.com Amazon	`2021-09-27` - `2022-10-26`	a year	crt.sh
sw.pushy.ai R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
potatojs.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
pbsw.pushy.ai R3	`2022-07-13` - `2022-10-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
pushy.ai Amazon	`2021-11-30` - `2022-12-28`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Frame ID: FE31F38D21AB57969D98369B14A117F0
Requests: 54 HTTP requests in this frame

Frame: https://pbsw.pushy.ai/wps/cross_storage
Frame ID: F77ACAB4CCE1B9874BCC167F6AB181AC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag
Frame ID: C98CFB5027CDB3CE44578E582872C5BB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jloht8dip9fb
Frame ID: 79F803398A99731D6EA2887F07B540B5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win 50000 Today

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

64
Requests

95 %
HTTPS

58 %
IPv6

20
Domains

35
Subdomains

30
IPs

6
Countries

1206 kB
Transfer

2559 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://rp.liadm.com/j?dtstmp=1658019211388&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990&tna=v2.4.0&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1658019211388&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990&tna=v2.4.0&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg&i6=MmEwMTo0YTA6MmI6OjEy&n3pc=true

Request Chain 42

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PAjEPXxOYVNvNzVsYzFvTU9OWDkwM3NMZjJQOUNFY0RUVStQREJTTDFwUmsramFSOHNYcE8vV1lxRER0TnFwSkFWbE5mNHZLN2Z0bURJNnNhMDZvTVJUTnNMWGRJQmorejB6c09oWkJoODlNZ1BtcS92cVl4WG9NUmJ0L3hCaExqelhYMDNDRFY0ZGl1azdVVFVBM1lJb2g3UVB4R3NwV0E4c203aU9YVjBzYUJpREYvWE9OMlZ1THhPUHZBYy8rbi9nTm5OUFNpYU5ua1ZETzl6KzdNbEtSUTQwNldSQTh2ZGNRZ3Q5ZlhGaU1yc0tzUnJWZFdoRy8vL0lkOFJHTGk0ZEJIZVBOalljZjh1OXNoZG92QlhMUFp5aUIyZkpTSjQ3bFYweWkvUEs1c2tDST18&cppv=2

Request Chain 56

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E72851885A974F2C8819EC44F2E38CE0&RedC=c.clarity.ms&MXFR=1CC1947A0B1D6A8200F7859E0F1D64DA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E72851885A974F2C8819EC44F2E38CE0&MUID=0E521B54999865932F150AB098346490

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request spin-to-win-50k Show response
play.sweepstakesalerts.com/ 66 KB
26 KB 405ms
179ms Document
text/html 54.196.71.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.196.71.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-71-180.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

4d57c9c95b781c76d707912a0d05138da845c3eae155221209fa7f1be7243c7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 17 Jul 2022 00:53:30 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Cookie
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
play.sweepstakesalerts.com/members/ 432 B
775 B 104ms
103ms XHR
application/json 54.196.71.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/members/?md5=804adb7bbe284abf537370fd3062476d

Requested by

Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.196.71.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-71-180.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

063d31dfdb639257d600733117f9743ef417c308588dd8edc4f137327bc93483

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
Referer: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: gzip
vary: Cookie
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4LBlVRVRYSTEFYUhEXC0VSFAM8D1UPWgdKGhgCH1UXUQFXBFZUBQRQUFcBBAhUU1UEBRtLVR0UB1RTWltRVgpXAAhSBVEEDkMdB1IOF1Nq
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
76 KB 73ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

404bae4f3f3a27db4809b62147d8f2817f81a001344c9575dc3fbc2b2b43f62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77043
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Jul 2022 00:53:30 GMT

GET
H2 200 34a85a69b16a.css
cdn.play.sweepstakesalerts.com/static/css/ 34 KB
8 KB 86ms
13ms Stylesheet
text/css 18.64.103.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/css/34a85a69b16a.css
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-108.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 408a50c1effc5011fd28990e818d1b0f7315306f51e4c73c845aae84a57c21c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:52:07 GMT
content-encoding: gzip
last-modified: Wed, 22 May 2019 15:19:27 GMT
server: AmazonS3
age: 432084
etag: "977751e0bba21d85af41821971fcff8f"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 7673
x-amz-cf-id: DRiyd3-loNMvzgeaVnQDv3onX2V1EUwFIv50hdc8phhqzuRWKY6Kxg==

GET
H2 200 dark-bg.jpg
cdn.sweepstakesalerts.com/images/2021/06/21/ 171 KB
172 KB 86ms
19ms Image
image/jpeg 108.138.36.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sweepstakesalerts.com/images/2021/06/21/dark-bg.jpg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-125.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 274f76ec4a8353e03709b939357570efb824f07212c81c56fa5272a8ea27da83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 15:59:54 GMT
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 15:53:55 GMT
server: AmazonS3
age: 464017
etag: "6302b713d1f51efa00f898c529ec092f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800
x-amz-cf-pop: MUC50-P2
accept-ranges: bytes
content-length: 175523
x-amz-cf-id: r239wp6owoqMsG9sT1Ty09ZwvEyrviHlgxdThkvBaCR6Ux8yl11Hyg==

GET
H2 200 wpsmain.js Show response
sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/ 31 KB
7 KB 64ms
15ms Script
application/javascript 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/wpsmain.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-3.cdn77.com

Software

BunnyCDN-DE-752 /

Resource Hash

f8fbc949098a7fe3568da9f4b7d1239175370dfec7e876761b2011b5d11a0b53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: br
cdn-edgestorageid: 863
cdn-cachedat: 07/05/2022 20:10:13
cdn-pullzone: 644701
server: BunnyCDN-DE-752
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 13ae11fe-691f-4fee-a846-e4c09c2ae14f
cache-control: public, max-age=2592000
cdn-requestid: f54fbbf6971fe96e437e9d8476fadee1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0c1ef8eb68bf.js Show response
cdn.play.sweepstakesalerts.com/static/js/ 99 KB
35 KB 76ms
22ms Script
application/javascript 18.64.103.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/0c1ef8eb68bf.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-108.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b44241ddfb23dd4442e04cbd0a0e2193015f22af9f8aaf70166cc7728426d685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 18:13:12 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 18:37:24 GMT
server: AmazonS3
age: 542419
etag: "0f60a24d65cb9143289f788221acedb4"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 34936
x-amz-cf-id: adjDuqK1m4LqxrktsDUrVj5n-OA5lRwUu4BvOneJ8ZrHyzi79GS9QQ==

GET
H2 200 vue.min.js Show response
cdn.play.sweepstakesalerts.com/static/js/js-toolset/ 91 KB
34 KB 83ms
30ms Script
application/javascript 18.64.103.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/js-toolset/vue.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-108.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 03:48:52 GMT
content-encoding: gzip
last-modified: Thu, 03 Oct 2019 20:49:48 GMT
server: AmazonS3
age: 594279
etag: "4bd32d91f96446a41b803d8184d890fa"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 34096
x-amz-cf-id: Yhx2IOUu8VRG4lFR3lAys_RNBns1mH9yBnLYh-Dt265xgG54ZDqkrQ==

GET
H2 200 js-toolset.min.js Show response
potatojs.com/js/1.2/ 259 KB
86 KB 77ms
20ms Script
application/javascript 2600:9000:223f:6400:5:c56e:3a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://potatojs.com/js/1.2/js-toolset.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:5:c56e:3a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4f961769b9b742af0d30b55f904d6ee625162f06fa2073270f3a0c0261dc872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: .eOq1_9bAM61ub7Ddl8T367Eb_b2jk9p
content-encoding: gzip
last-modified: Fri, 21 Aug 2020 18:21:14 GMT
server: AmazonS3
age: 63804
etag: W/"b7eceb6cc9ab645b8251c818fae615e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
date: Sat, 16 Jul 2022 07:10:07 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: IzV6pCc_fH3i9DczqkwYNDqid-9B1OuLjklMIxGyh2Rs8fgBtJ96SQ==

GET
H2 200 v-mask.js Show response
cdn.play.sweepstakesalerts.com/static/js/js-toolset/ 13 KB
4 KB 79ms
27ms Script
application/javascript 18.64.103.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.play.sweepstakesalerts.com/static/js/js-toolset/v-mask.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-108.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 148eac2ff26a5101d654d67a90d060691aac836a35e54c8343289d0091d6e1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 01:00:48 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 13:46:29 GMT
server: AmazonS3
age: 431563
etag: "7f036776f185f3043768b8736626652d"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 3656
x-amz-cf-id: lspzyu-_vTYcKFa96-H5n8w5zVg6rELF3rnbDjooAfv5bD0JdLKAsw==

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 45ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6785667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTE018NdJ9PF5jIGIM2HcNZAvapgZxdJ8XLbvUY1GKFpLDG2nIoIi6i2U7%2FHvAElWULyiHTm2LeFb69%2BTh1pbvIsaT3pQqKK1sFpNjhJyMfMs1089wc3xgDIiSxkwoUnf%2FKJfB8qapXlH9Rg107CL20%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72bf004399f4698b-FRA
expires: Fri, 07 Jul 2023 00:53:30 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
995 B 52ms
21ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

159e8b1529b80f9684f7ebbf65e8f894043f2ade2df31e257a498220ef585582

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Sun, 17 Jul 2022 00:53:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: cdn.play.sweepstakesalerts.com
URL: https://cdn.play.sweepstakesalerts.com/static/css/34a85a69b16a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 23:47:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Jul 2022 00:53:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Jul 2022 00:53:30 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 119 KB
44 KB 52ms
22ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-W6DW6GG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

631dcd3eab4b463767883567e2a2b91ae9ad26866bd1cae2123aa4ca32f5bb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44567
x-xss-protection: 0
expires: Sun, 17 Jul 2022 00:53:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7042
date: Sat, 16 Jul 2022 22:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 17 Jul 2022 00:56:08 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 83ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 12BE196477664D68A947A790CCB51B63 Ref B: FRA31EDGE0819 Ref C: 2022-07-17T00:53:30Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 17 Jul 2022 00:53:30 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 32ms
13ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: gzip
etag: "77f5L8LR6ldZZZ+q4Q+xaw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 24 Jul 2022 00:53:30 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1163270/ 55 KB
17 KB 140ms
113ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6031f33e12fcb4b241952c363dc1c7f9f978c4c096ae316dec352928ccb2bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: flbA32WfK.d7lrFeVjgBkTqog9CwfNUG
content-encoding: gzip
etag: "32d400ec3b737f7c840dcb37c71844a9"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17419
x-amz-id-2: w1lx1fx3jMhIRw8rvVYwhXaC3QAQZtFDsIZebilTgaGOEjhZOS0TgJngRGlzwDD8wJt7mEkZM8U=
x-served-by: cache-hhn4074-HHN
last-modified: Sun, 10 Jul 2022 11:09:43 GMT
server: AmazonS3
x-timer: S1658019211.950303,VS0,VE104
date: Sun, 17 Jul 2022 00:53:31 GMT
vary: Accept-Encoding
x-amz-request-id: PF5CAB8VTYP7DVHY
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 86
x-cache-hits: 1

GET
H2 200 a-01nn.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 66ms
11ms Script
application/javascript 2600:9000:225e:1e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01nn.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b9522a036b4fb94bef51b72fe54e50087c8c58772280e39d5f3eca7410f7e19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 12:36:39 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
age: 44211
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: CWfF5czpzbe8Aq0La3NVGHc8luiEidq5MG5BFPP3Z3RIAUh82J6z9w==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
14 KB 65ms
18ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=84770

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FW2V8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6810bdf5dba2703039212b484abe0bf31878ba0c01812e72f69776bcebc8e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:30 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 45ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 452736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 47ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 475046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 53ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 16:26:19 GMT
x-content-type-options: nosniff
age: 289632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 16:26:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 55ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 461626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 16:39:45 GMT

GET
H2 200 logo-sweepstakesalerts-white.svg
cdn.play.sweepstakesalerts.com/static/img/ 29 KB
12 KB 16ms
15ms Image
image/svg+xml 18.64.103.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.play.sweepstakesalerts.com/static/img/logo-sweepstakesalerts-white.svg
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-108.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 08:23:21 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 22:48:45 GMT
server: AmazonS3
age: 145810
etag: "e4a2eb296ca372f408d8900e1adafe1e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 11443
x-amz-cf-id: qk9zZMNWtcuLmFNY81W8UHuxBomr27mnap_kAY-HiM-PJuZLmBD3RQ==

GET
H2 200 50k.png
cdn.sweepstakesalerts.com/images/2021/06/21/ 126 KB
126 KB 44ms
42ms Image
image/png 108.138.36.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sweepstakesalerts.com/images/2021/06/21/50k.png
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-125.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01d530b7bea0908d9ccb3c8850370d3af509b62aa6c0acca543cc8d12d945b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:31 GMT
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 15:53:53 GMT
server: AmazonS3
age: 174534
etag: "e35d8d5dd6599e32266629efef7acab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: MUC50-P2
accept-ranges: bytes
content-length: 128629
x-amz-cf-id: PSZs65b6xaEyDrG3tSVEx9ULLfntqXBoiA7M8dpW7oiogJFLlb9mbg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://play.sweepstakesalerts.com/
Origin: https://play.sweepstakesalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 00:33:01 GMT

GET
H2 200 cross_storage Show response
pbsw.pushy.ai/wps/ Frame F77A 2 KB
1 KB 54ms
9ms Document
text/html 89.187.169.3
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://pbsw.pushy.ai/wps/cross_storage
Requested by: Host: sw.pushy.ai
URL: https://sw.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/main/wpsmain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-3.cdn77.com
Software: BunnyCDN-DE-752 /
Resource Hash: 815ba892a341bb9a0639bf904e33982c263b80414ead45cd11f7ef1828870a64

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 07/05/2022 18:39:54
cdn-edgestorageid: 601
cdn-proxyver: 1.02
cdn-pullzone: 644701
cdn-requestcountrycode: DE
cdn-requestid: 2a8714760b2260577ffed0bbfff8840a
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 13ae11fe-691f-4fee-a846-e4c09c2ae14f
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 17 Jul 2022 00:53:31 GMT
server: BunnyCDN-DE-752
vary: Accept-Encoding

GET
H2 200 json Show response
trc.taboola.com/1163270/trc/3/ 2 KB
1 KB 42ms
29ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1163270/trc/3/json?tim=1658019211217&data=%7B%22id%22%3A429%2C%22ii%22%3A%22%2Fspin-to-win-50k%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1658019211210%2C%22cv%22%3A%2220220710-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbuzzery-sweepstakes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1658019211216%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A91%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1163270/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d453ba7a331bf354f5c2a0da44429a9ee8fef85be69cbefd65b9b5332fe3b37f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Sun, 17 Jul 2022 00:53:31 GMT
content-encoding: gzip
server: nginx
x-timer: S1658019211.237478,VS0,VE20
x-served-by: cache-hhn4074-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
187 B 16ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1578903184&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAAC~&jid=138952173&gjid=1951994947&cid=842050013.1658019211&tid=UA-46324972-3&_gid=605636330.1658019211&_r=1&gtm=2wg7d0P7FW2V8&cd3=871&cd4=&cd7=gmail.com&cd8=804adb7bbe284abf537370fd3062476d&cd11=65443&cd12=105231&cd13=19905763&z=1725767767

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
play.sweepstakesalerts.com/session/ 0
535 B 109ms
108ms XHR
text/html 54.196.71.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://play.sweepstakesalerts.com/session/?ga_client_id=842050013.1658019211

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.196.71.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-71-180.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
X-NewRelic-ID: UgQAU1JbGwQIVVFVDgAB
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55

Response headers

date: Sun, 17 Jul 2022 00:53:31 GMT
vary: Cookie
x-newrelic-app-data: PxQBU1FRDAsTU1lTBwYOV1ITGhE1AwE2QgNWEVlbQFtcCxYnRA9QFg1ZWU4AFlZdVQgSTEFYUhEXC0VSFAM8EVURSwtXVhYeA0kJTwFQA1BRBwVZVVUMBgZWWFoPAhtLVR0UAVVWBwBWAA0BCl0GAABTCkMdB1IOF1Nq
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/html; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1578903184&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=Pre-Pop%20&el=Single%20Step%20Form&_u=YEDAAEABQAAAAC~&jid=&gjid=&cid=842050013.1658019211&tid=UA-46324972-3&_gid=605636330.1658019211&gtm=2wg7d0P7FW2V8&cd3=871&cd4=&cd7=gmail.com&cd8=804adb7bbe284abf537370fd3062476d&cd11=65443&cd12=105231&cd13=19905763&z=474092951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1578903184&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=Viewed%20&el=Single%20Step%20Form&_u=YEDAAEABQAAAAC~&jid=&gjid=&cid=842050013.1658019211&tid=UA-46324972-3&_gid=605636330.1658019211&gtm=2wg7d0P7FW2V8&cd3=871&cd4=&cd7=gmail.com&cd8=804adb7bbe284abf537370fd3062476d&cd11=65443&cd12=105231&cd13=19905763&z=1398887580

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1578903184&t=event&ni=0&_s=1&dl=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&ul=en-us&de=UTF-8&dt=Win%2050000%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Acquisition&ea=See%20Push%20Optin&el=Single%20Step%20Form&_u=YHDAAEABQAAAAC~&jid=&gjid=&cid=842050013.1658019211&tid=UA-46324972-3&_gid=605636330.1658019211&gtm=2wg7d0P7FW2V8&cd3=871&cd4=&cd7=gmail.com&cd8=804adb7bbe284abf537370fd3062476d&cd11=65443&cd12=105231&cd13=19905763&z=40077343

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 11:03:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-KgfKnLKEydhQX.js Show response
rules.quantcount.com/ 663 B
1 KB 468ms
414ms Script
application/javascript 2600:9000:223c:7000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-KgfKnLKEydhQX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:32 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 663
last-modified: Wed, 09 Oct 2019 21:46:18 GMT
server: AmazonS3
etag: "24bfe90597a01d37400814a2e514eed3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 3lSEBmgwyfzmLlrX2__UmMx2KDJMBVKfnXT9Ro_chlSKN0P7HdIhtA==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C98C 15 KB
6 KB 62ms
27ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=play.sweepstakesalerts.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=84770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 00:53:30 GMT
server-processing-duration-in-ticks: 2403
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 26042910.js Show response
bat.bing.com/p/action/ 828 B
749 B 215ms
213ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26042910.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e594b2171b903ac4b6bd455181f23eedecf3e1e17af5cb241f7fbbdcd9460f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9F4E28CE0FC4E01B166AEA935000A4F Ref B: FRA31EDGE0819 Ref C: 2022-07-17T00:53:31Z
date: Sun, 17 Jul 2022 00:53:31 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 572

GET
H2 204 0
bat.bing.com/action/ 0
177 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26042910&tm=gtm002&Ver=2&mid=e3190923-3530-4405-802b-3561926f3f32&sid=e0b4ca60056a11edbdc939da67e2a702&vid=e0b4fe30056a11ed86e593d8f16ed04d&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Win%2050000%20Today&p=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&r=&lt=829&evt=pageLoad&msclkid=N&sv=1&rn=577490

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 275F5C4A977445FC9D4FAD7892F73FE9 Ref B: FRA31EDGE0819 Ref C: 2022-07-17T00:53:31Z
date: Sun, 17 Jul 2022 00:53:31 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 79F8 41 KB
21 KB 56ms
29ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jloht8dip9fb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94235bc23d6d1c05289322e2a961d3fbdb421c418ef9dbb3e345a8c59c06d0c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HDt9q7X_x_Ga7MSqtMeX6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://play.sweepstakesalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21896
content-security-policy: script-src 'report-sample' 'nonce-HDt9q7X_x_Ga7MSqtMeX6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Jul 2022 00:53:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1658019211388&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990&tna=v2.4.0&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D...
https://rp4.liadm.com/j?dtstmp=1658019211388&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990&tna=v2.4.0&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3...

13 B
552 B

475ms
95ms

XHR
application/json

107.21.19.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1658019211388&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990&tna=v2.4.0&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg&i6=MmEwMTo0YTA6MmI6OjEy&n3pc=true

Requested by

Protocol

Server

107.21.19.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-19-116.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:32 GMT
x-pixel-event-id: 0c0baa05-e78a-4b19-9242-8e3fd64d510c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: d21344a581a0473d
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Sun, 17 Jul 2022 00:53:31 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1658019211388&aid=a-01nn&se=e30&duid=b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990&tna=v2.4.0&pu=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPldpbiA1MDAwMCBUb2RheTwvdGl0bGU-PGgxIGlkPSJjb21wbGV0ZS15b3VyLWVudHJ5IiBjbGFzcz0idGV4dC1jZW50ZXIgbWFpbi1oZWFkaW5nIj5HZXQgUGlja2VkIDxzcGFuPkluc3RhbnRseTwvc3Bhbj48L2gxPg&i6=MmEwMTo0YTA6MmI6OjEy&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://play.sweepstakesalerts.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: b15dccbd7643fade
request-time: 0
content-length: 0
x-content-type-options: nosniff

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46324972-3&cid=842050013.1658019211&jid=138952173&gjid=1951994947&_gid=605636330.1658019211&_u=YEBAAEAAQAAAAC~&z=1509214795

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 17 Jul 2022 00:53:31 GMT
content-type: text/plain
access-control-allow-origin: https://play.sweepstakesalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rl Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
129 B 298ms
95ms Fetch
application/json 2600:1f18:136:3d02:96b6:d1f5:a685:cf27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/rl

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:136:3d02:96b6:d1f5:a685:cf27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Jul 2022 00:53:31 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

POST
H2 200 p Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
128 B 296ms
96ms Fetch
application/json 2600:1f18:136:3d02:96b6:d1f5:a685:cf27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/p

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:136:3d02:96b6:d1f5:a685:cf27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Jul 2022 00:53:31 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H2

200

sid Show response
mug.criteo.com/ Frame C98C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=sweepstakesalerts.com&sn=ChromeSyncframe&so=0&topUrl=play.sweepstakesalerts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=PAjEPXxOYVNvNzVsYzFvTU9OWDkwM3NMZjJQOUNFY0RUVStQREJTTDFwUmsramFSOHNYcE8vV1lxRER0TnFwSkFWbE5mNHZLN2Z0bURJNnNhMDZvTVJUTnNMWGRJQmorejB6c09oWkJoODlNZ1BtcS92cVl4WG9NUmJ0L3...

459 B
649 B

78ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PAjEPXxOYVNvNzVsYzFvTU9OWDkwM3NMZjJQOUNFY0RUVStQREJTTDFwUmsramFSOHNYcE8vV1lxRER0TnFwSkFWbE5mNHZLN2Z0bURJNnNhMDZvTVJUTnNMWGRJQmorejB6c09oWkJoODlNZ1BtcS92cVl4WG9NUmJ0L3hCaExqelhYMDNDRFY0ZGl1azdVVFVBM1lJb2g3UVB4R3NwV0E4c203aU9YVjBzYUJpREYvWE9OMlZ1THhPUHZBYy8rbi9nTm5OUFNpYU5ua1ZETzl6KzdNbEtSUTQwNldSQTh2ZGNRZ3Q5ZlhGaU1yc0tzUnJWZFdoRy8vL0lkOFJHTGk0ZEJIZVBOalljZjh1OXNoZG92QlhMUFp5aUIyZkpTSjQ3bFYweWkvUEs1c2tDST18&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

920f0e150e28c106834f3ca46fe22aafc0efc61b302ad1c2b89f0cce9dd3fc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4502
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=PAjEPXxOYVNvNzVsYzFvTU9OWDkwM3NMZjJQOUNFY0RUVStQREJTTDFwUmsramFSOHNYcE8vV1lxRER0TnFwSkFWbE5mNHZLN2Z0bURJNnNhMDZvTVJUTnNMWGRJQmorejB6c09oWkJoODlNZ1BtcS92cVl4WG9NUmJ0L3hCaExqelhYMDNDRFY0ZGl1azdVVFVBM1lJb2g3UVB4R3NwV0E4c203aU9YVjBzYUJpREYvWE9OMlZ1THhPUHZBYy8rbi9nTm5OUFNpYU5ua1ZETzl6KzdNbEtSUTQwNldSQTh2ZGNRZ3Q5ZlhGaU1yc0tzUnJWZFdoRy8vL0lkOFJHTGk0ZEJIZVBOalljZjh1OXNoZG92QlhMUFp5aUIyZkpTSjQ3bFYweWkvUEs1c2tDST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1471
content-length: 567
expires: 0

POST
H2 200 pc Show response
api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/ 2 B
128 B 377ms
187ms Fetch
application/json 2600:1f18:136:3d02:96b6:d1f5:a685:cf27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushy.ai/wps/da29b3f4-209d-4830-810a-502c7fecc5f9/swev/pc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:136:3d02:96b6:d1f5:a685:cf27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Jul 2022 00:53:31 GMT
server: nginx
content-length: 2
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 79F8 51 KB
24 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jloht8dip9fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 20:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 20:17:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 79F8 366 KB
145 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 00:33:01 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46324972-3&cid=842050013.1658019211&jid=138952173&_u=YEBAAEAAQAAAAC~&z=1958362033

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
25ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46324972-3&cid=842050013.1658019211&jid=138952173&_u=YEBAAEAAQAAAAC~&z=1958362033

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 79F8 2 KB
2 KB 12ms
12ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 366823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 19 Jul 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 79F8 15 KB
15 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 373610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Jul 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 79F8 15 KB
15 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:48:37 GMT
x-content-type-options: nosniff
age: 403494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 08:48:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 79F8 102 B
132 B 17ms
16ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3M8gUAAAAAHflC51We3LuNcNOsZREHtJ0ry10&co=aHR0cHM6Ly9wbGF5LnN3ZWVwc3Rha2VzYWxlcnRzLmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jloht8dip9fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Sun, 17 Jul 2022 00:53:31 GMT

GET
H2 200 26042910 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 177ms
99ms Script
application/x-javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26042910
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26042910.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c5ddfe0ecd373f257e479101b788124e8bb51805b2554d0a7b606822b18583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:31 GMT
x-powered-by: ASP.NET
x-azure-ref: 0i13TYgAAAAC6UID3msfMSYJOQ7ZdWfAsUFJBRURHRTEzMTQANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
content-length: 1543
expires: -1

GET
H2 200 pixel;r=1249166878;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26...
pixel.quantserve.com/ 35 B
372 B 17ms
16ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1249166878;source=gtm;rf=0;a=p-KgfKnLKEydhQX;url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55;uht=2;fpan=1;fpa=P0-522818318-1658019211754;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=sweepstakesalerts.com;dst=0;et=1658019211753;tzo=0;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.36/ 52 KB
23 KB 102ms
101ms Script
application/javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26042910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 00:53:31 GMT
content-encoding: br
etag: "1d897c159e34826"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0i13TYgAAAABXULAjoFnBR6iEwIrb5tv3UFJBRURHRTEzMTQANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 34ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: W2S5A87EG1C89ADE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by: cache-hhn4044-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1658019212.970545,VS0,VE0
date: Sun, 17 Jul 2022 00:53:31 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1712

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E72851885A974F2C8819EC44F2E38CE0&RedC=c.clarity.ms&MXFR=1CC1947A0B1D6A8200F7859E0F1D64DA
https://c.clarity.ms/c.gif?CtsSyncId=E72851885A974F2C8819EC44F2E38CE0&MUID=0E521B54999865932F150AB098346490

42 B
367 B

30ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E72851885A974F2C8819EC44F2E38CE0&MUID=0E521B54999865932F150AB098346490
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:31 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 17 Jul 2022 00:53:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 706CFFD07564411E993C997E9C98FCD5 Ref B: FRA31EDGE0819 Ref C: 2022-07-17T00:53:32Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E72851885A974F2C8819EC44F2E38CE0&MUID=0E521B54999865932F150AB098346490
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK cf1f842459 Show response
bam.nr-data.net/1/ 49 B
715 B 577ms
550ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf1f842459?a=78107916&v=1216.487a282&to=Y1ZQYkRTW0BRWkRQWFocdENYUUFaX1cfTlJWQFtCUxxDWlVOQwNUVUdRXmlTWV9vTEJVRA%3D%3D&rst=1741&ck=1&ref=https://play.sweepstakesalerts.com/spin-to-win-50k&ap=84&be=503&fe=1697&dc=801&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1658019210243,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:35,%22c%22:35,%22s%22:129,%22ce%22:226,%22rq%22:226,%22rp%22:405,%22rpe%22:501,%22dl%22:409,%22di%22:801,%22ds%22:801,%22de%22:829,%22dc%22:1696,%22l%22:1697,%22le%22:1701%7D,%22navigation%22:%7B%7D%7D&fp=543&fcp=831&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 17 Jul 2022 00:53:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 72bf004b185c9290-FRA

POST
H2 204 collect Show response
k.clarity.ms/ 0
183 B 336ms
105ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
date: Sun, 17 Jul 2022 00:53:32 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
254 B 95ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=1591&scd=91&ssd=1&est=1658019211213&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1658019212805&vi=1658019211210&ri=81afd932da3f2b01162422ed29d39eb8&ref=null&cv=20220710-5-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Sun, 17 Jul 2022 00:53:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect Show response
k.clarity.ms/ 0
25 B 95ms
94ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
date: Sun, 17 Jul 2022 00:53:32 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 unip Show response
trc-events.taboola.com/1163270/log/3/ 0
253 B 22ms
22ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1163270/log/3/unip?en=pre_d_eng_tb&tos=4593&scd=91&ssd=1&est=1658019211213&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1658019215806&vi=1658019211210&ri=81afd932da3f2b01162422ed29d39eb8&ref=null&cv=20220710-5-RELEASE&item-url=https%3A%2F%2Fplay.sweepstakesalerts.com%2Fspin-to-win-50k%3Futm_content%3D002059%26email%3Dkennedypdx98%2540gmail.com%26firstname%3DMike%26lastname%3DHunt%26e%3D804adb7bbe284abf537370fd3062476d%26utm_source%3Dsweepstakesalerts%26utm_medium%3Demail-es%26utm_term%3DONSITE-Flatiron-1083-5k%26utm_campaign%3Drecurring%26affid%3D1659%26campaignid%3D10199%26message_id%3D65443%26message_version_id%3D105231%26aff_sub%3D1083%26aff_sub2%3D65443%26aff_sub3%3D1719_51liho%26aff_sub4%3D697%26aff_sub5%3D105231%26aff_unique3%3D10199%26aff_unique5%3D804adb7bbe284abf537370fd3062476d%26source%3DGmail%26adgroup_id%3D1083%26gender%3Dmale%26age%3D55
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.sweepstakesalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
pragma: no-cache
date: Sun, 17 Jul 2022 00:53:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 111ms
110ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: play.sweepstakesalerts.com
URL: https://play.sweepstakesalerts.com/spin-to-win-50k?utm_content=002059&email=kennedypdx98%40gmail.com&firstname=Mike&lastname=Hunt&e=804adb7bbe284abf537370fd3062476d&utm_source=sweepstakesalerts&utm_medium=email-es&utm_term=ONSITE-Flatiron-1083-5k&utm_campaign=recurring&affid=1659&campaignid=10199&message_id=65443&message_version_id=105231&aff_sub=1083&aff_sub2=65443&aff_sub3=1719_51liho&aff_sub4=697&aff_sub5=105231&aff_unique3=10199&aff_unique5=804adb7bbe284abf537370fd3062476d&source=Gmail&adgroup_id=1083&gender=male&age=55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://play.sweepstakesalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://play.sweepstakesalerts.com
date: Sun, 17 Jul 2022 00:53:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
play.sweepstakesalerts.com/	1970-01-20 04:53:48	Name: sessionid Value: lyb4tnoqkf8c5pxxhqbjaqe8mov8lzrb
play.sweepstakesalerts.com/	1970-01-20 13:17:48	Name: csrftoken Value: IVCfP9UMfwrt2y8wuprHZMxTz1i8Z9PI25YiFx6kT0jeRCPydri4CNarVbN6gfKH
.sweepstakesalerts.com/	1970-01-20 06:43:15	Name: _gcl_au Value: 1.1.1446694772.1658019211
.bing.com/	1970-01-20 13:55:15	Name: MUID Value: 0E521B54999865932F150AB098346490
.sweepstakesalerts.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .sweepstakesalerts.com
.sweepstakesalerts.com/	1970-01-20 22:04:51	Name: _lc2_fpi Value: b5db4fe28af0--01g84tasxtjvd1ajf6rkfv5990
.sweepstakesalerts.com/	1970-01-20 22:04:51	Name: _ga Value: GA1.2.842050013.1658019211
.sweepstakesalerts.com/	1970-01-20 04:35:05	Name: _gid Value: GA1.2.605636330.1658019211
.sweepstakesalerts.com/	1970-01-20 04:33:39	Name: _gat_UA-46324972-3 Value: 1
.sweepstakesalerts.com/	1970-01-20 04:35:05	Name: _uetsid Value: e0b4ca60056a11edbdc939da67e2a702
.sweepstakesalerts.com/	1970-01-20 13:55:15	Name: _uetvid Value: e0b4fe30056a11ed86e593d8f16ed04d
.criteo.com/	1970-01-20 13:55:15	Name: uid Value: 32237cca-4a73-4a12-b004-c836c659b891
.sweepstakesalerts.com/	1970-01-20 14:03:03	Name: cto_bundle Value: eBiuxF92T1JNaFpBbFB0bUxpdTklMkYlMkIxMCUyRjNBR3pNSDRMNzBiRDJOczRqTUJ3RnRjTzllTzNOZlRzNWdnSWRQTFdCZCUyRlZnSlJtT0E5NEhvVCUyQjFjSDcwUGh3SnR2SHF0WlVLYURFYktCSm1yU2pNNHg1ajhGYVNSak1TTUpWZ0g3Wm5iakI5b0Y4ZFZBR0c3bDdXVXRGT0djczVJRXlRSHNNeWMwTDM1Y1pBUzhTanQwJTNE
.liadm.com/	1970-01-20 22:04:51	Name: lidid Value: 3bee1560-944a-4a9f-8ee2-f60306efcdfa
.quantserve.com/	1970-01-20 14:03:53	Name: mc Value: 62d35d8b-bba77-58419-d5666
.sweepstakesalerts.com/	1970-01-20 13:58:08	Name: __qca Value: P0-522818318-1658019211754
www.clarity.ms/	1970-01-20 13:19:15	Name: CLID Value: 0cc18c3b72074866b05914715ef61ad2.20220717.20230717
.sweepstakesalerts.com/	1970-01-20 13:19:15	Name: _clck Value: gfiyx7\|1\|f38\|0
.c.bing.com/	1970-01-20 13:55:15	Name: SRM_B Value: 0E521B54999865932F150AB098346490
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:55:15	Name: MUID Value: 0E521B54999865932F150AB098346490
.c.clarity.ms/	1970-01-20 04:33:39	Name: ANONCHK Value: 0
.sweepstakesalerts.com/	1970-01-20 04:35:05	Name: _clsk Value: jnqvwc\|1658019212369\|1\|1\|k.clarity.ms/collect
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: ca18325961f2a9f0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pushy.ai
b-code.liadm.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.play.sweepstakesalerts.com
cdn.sweepstakesalerts.com
cdn.taboola.com
cdnjs.cloudflare.com
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
js-agent.newrelic.com
k.clarity.ms
mug.criteo.com
pbsw.pushy.ai
pixel.quantserve.com
play.sweepstakesalerts.com
potatojs.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
sw.pushy.ai
trc-events.taboola.com
trc.taboola.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
107.21.19.116
108.138.36.125
141.226.228.48
151.101.1.44
151.101.66.137
162.247.241.14
178.250.0.157
178.250.2.140
18.64.103.108
20.234.93.27
20.96.88.162
2600:1f18:136:3d02:96b6:d1f5:a685:cf27
2600:1f18:730:b130:4c96:5596:18cd:cf5
2600:9000:223c:7000:6:44e3:f8c0:93a1
2600:9000:223f:6400:5:c56e:3a00:93a1
2600:9000:225e:1e00:8:8845:1500:93a1
2606:4700::6811:180e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:27::cafe:2133
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:806::2003
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:830::2004
2a00:1450:400c:c08::9b
2a02:2638::1c
54.196.71.180
89.187.169.3
01d530b7bea0908d9ccb3c8850370d3af509b62aa6c0acca543cc8d12d945b8f
063d31dfdb639257d600733117f9743ef417c308588dd8edc4f137327bc93483
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
148eac2ff26a5101d654d67a90d060691aac836a35e54c8343289d0091d6e1f0
159e8b1529b80f9684f7ebbf65e8f894043f2ade2df31e257a498220ef585582
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
244f03e6430da5686033b5c0ececa20702e15047ef64458993908bbd78d4c24b
274f76ec4a8353e03709b939357570efb824f07212c81c56fa5272a8ea27da83
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3908b1571a9e3ef509ba535215db88a944f6d301e5a3194e21f98b63e4bc7d4b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
404bae4f3f3a27db4809b62147d8f2817f81a001344c9575dc3fbc2b2b43f62c
408a50c1effc5011fd28990e818d1b0f7315306f51e4c73c845aae84a57c21c7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4d57c9c95b781c76d707912a0d05138da845c3eae155221209fa7f1be7243c7f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
631dcd3eab4b463767883567e2a2b91ae9ad26866bd1cae2123aa4ca32f5bb30
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
815ba892a341bb9a0639bf904e33982c263b80414ead45cd11f7ef1828870a64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
920f0e150e28c106834f3ca46fe22aafc0efc61b302ad1c2b89f0cce9dd3fc45
94235bc23d6d1c05289322e2a961d3fbdb421c418ef9dbb3e345a8c59c06d0c9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c5ddfe0ecd373f257e479101b788124e8bb51805b2554d0a7b606822b18583
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b44241ddfb23dd4442e04cbd0a0e2193015f22af9f8aaf70166cc7728426d685
b6031f33e12fcb4b241952c363dc1c7f9f978c4c096ae316dec352928ccb2bbc
b6810bdf5dba2703039212b484abe0bf31878ba0c01812e72f69776bcebc8e2f
b9522a036b4fb94bef51b72fe54e50087c8c58772280e39d5f3eca7410f7e19c
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d453ba7a331bf354f5c2a0da44429a9ee8fef85be69cbefd65b9b5332fe3b37f
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e594b2171b903ac4b6bd455181f23eedecf3e1e17af5cb241f7fbbdcd9460f8e
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4f961769b9b742af0d30b55f904d6ee625162f06fa2073270f3a0c0261dc872
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8fbc949098a7fe3568da9f4b7d1239175370dfec7e876761b2011b5d11a0b53

play.sweepstakesalerts.com Open in urlscan Pro 54.196.71.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

95 %HTTPS

58 %IPv6

20 Domains

35 Subdomains

30 IPs

6 Countries

1206 kBTransfer

2559 kBSize

24 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

play.sweepstakesalerts.com Open in urlscan Pro
54.196.71.180 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

95 %
HTTPS

58 %
IPv6

20
Domains

35
Subdomains

30
IPs

6
Countries

1206 kB
Transfer

2559 kB
Size

24
Cookies

64 HTTP transactions
0 data transactions