www.dealnews.com Open in urlscan Pro
151.101.130.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkd.in/gE6BwhRS
Effective URL:
https://www.dealnews.com/pages/sweepstakes/
Submission: On August 03 via manual (August 3rd 2022, 8:45:08 am UTC) from IN — Scanned from DE

Summary HTTP 108 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 29 domains to perform 108 HTTP transactions. The main IP is 151.101.130.49, located in United States and belongs to FASTLY, US. The main domain is www.dealnews.com. The Cisco Umbrella rank of the primary domain is 97371.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on December 24th 2021. Valid for: a year.

This is the only time www.dealnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	199.232.192.249 199.232.192.249	54113 (FASTLY) (FASTLY)
10	2606:4700:303... 2606:4700:3037::ac43:992a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.129.95 151.101.129.95	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	13.32.99.40 13.32.99.40	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.121.3 13.32.121.3	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1993	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a04:4e42:4b::84 2a04:4e42:4b::84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a04:4e42:200... 2a04:4e42:200::393	54113 (FASTLY) (FASTLY)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.15.50 18.66.15.50	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	35.170.12.248 35.170.12.248	14618 (AMAZON-AES) (AMAZON-AES)
2	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.224.82.150 3.224.82.150	14618 (AMAZON-AES) (AMAZON-AES)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
108	39

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lnkd.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

swee.ps	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.viralsweep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.49 (United States)

ASN54113 (FASTLY, US)

www.dealnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.249 (United States)

ASN54113 (FASTLY, US)

dealnews.a.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3037::ac43:992a (United States)

ASN13335 (CLOUDFLARENET, US)

cmp.uniconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.95 (United States)

ASN54113 (FASTLY, US)

c.dlnws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-3.fra60.r.cloudfront.net

tracker.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

v3s8r2c3.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1993 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4b::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-50.vie50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.12.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-12-248.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.82.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-82-150.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	viralsweep.com 1 redirects app.viralsweep.com — Cisco Umbrella Rank: 89289	297 KB
13	google.com www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 117 apis.google.com — Cisco Umbrella Rank: 161	158 KB
10	uniconsent.com cmp.uniconsent.com — Cisco Umbrella Rank: 21716	111 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	557 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 674 syndication.twitter.com — Cisco Umbrella Rank: 864	152 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 547 c.clarity.ms — Cisco Umbrella Rank: 996 b.clarity.ms — Cisco Umbrella Rank: 5259	27 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	40 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 5173 psp.pushnami.com — Cisco Umbrella Rank: 16715 trc.pushnami.com — Cisco Umbrella Rank: 5489	20 KB
6	dealnews.com www.dealnews.com — Cisco Umbrella Rank: 97371	126 KB
5	dlnws.com c.dlnws.com — Cisco Umbrella Rank: 264041	89 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 195	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	176 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2789 log.pinterest.com — Cisco Umbrella Rank: 3703	19 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	175 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 2605	332 B
2	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2819	107 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
2	marinsm.com tracker.marinsm.com — Cisco Umbrella Rank: 15822	3 KB
1	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1333	722 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 283	720 B
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 2738	43 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	9 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5596	548 B
1	stackpathcdn.com v3s8r2c3.stackpathcdn.com — Cisco Umbrella Rank: 33103	356 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	410 B
1	fastly.net dealnews.a.ssl.fastly.net — Cisco Umbrella Rank: 224347	2 KB
1	swee.ps 1 redirects swee.ps	570 B
1	lnkd.in 1 redirects lnkd.in — Cisco Umbrella Rank: 42075	271 B
108	29

	Domain	Requested by
14	app.viralsweep.com	1 redirects www.dealnews.com app.viralsweep.com www.googletagmanager.com
10	cmp.uniconsent.com	www.dealnews.com cmp.uniconsent.com
6	www.gstatic.com	www.google.com accounts.google.com
6	accounts.google.com	www.dealnews.com accounts.google.com apis.google.com www.gstatic.com
6	www.dealnews.com	www.dealnews.com
5	www.google.com	www.dealnews.com www.gstatic.com www.google.com
5	c.dlnws.com	www.dealnews.com
4	platform.twitter.com	app.viralsweep.com platform.twitter.com
4	www.google-analytics.com	www.dealnews.com www.google-analytics.com app.viralsweep.com
4	connect.facebook.net	www.dealnews.com connect.facebook.net app.viralsweep.com
3	bat.bing.com	www.dealnews.com bat.bing.com
3	www.googletagmanager.com	www.dealnews.com www.googletagmanager.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	trc.pushnami.com	api.pushnami.com
2	b.clarity.ms	www.clarity.ms
2	psp.pushnami.com	api.pushnami.com
2	c.clarity.ms	1 redirects
2	syndication.twitter.com	platform.twitter.com
2	res.cloudinary.com	app.viralsweep.com
2	assets.pinterest.com	app.viralsweep.com assets.pinterest.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	region1.google-analytics.com	www.googletagmanager.com
2	tracker.marinsm.com	www.dealnews.com
2	apis.google.com	www.dealnews.com apis.google.com
2	api.pushnami.com	www.dealnews.com api.pushnami.com
1	log.pinterest.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	bam.nr-data.net	js-agent.newrelic.com
1	ak.sail-horizon.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	app.viralsweep.com
1	fonts.gstatic.com	app.viralsweep.com
1	www.google.de	www.dealnews.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	v3s8r2c3.stackpathcdn.com	cmp.uniconsent.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.facebook.com	www.dealnews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	dealnews.a.ssl.fastly.net	www.dealnews.com
1	swee.ps	1 redirects
1	lnkd.in	1 redirects
108	41

This site contains links to these domains. Also see Links.

Domain
www.uniconsent.com
www.chainsawselector.com
www.generatortools.com
www.wakeupsleepyhead.com
www.powerstationpros.com
www.360powertools.com
www.theprojectorexpert.com
www.refrigeratorhq.com
www.washersdryers360.com
corp.dealnews.com
www.facebook.com
www.linkedin.com
www.twitter.com

Subject Issuer	Validity	Valid
www.dealnews.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
default.ssl.fastly.net GlobalSign RSA OV SSL CA 2018	`2021-12-17` - `2023-01-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
c.dlnws.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
viralsweep.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-12` - `2022-08-10`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.marinsm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-27` - `2023-05-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-31`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
ak.sail-horizon.com Amazon	`2022-01-06` - `2023-02-02`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
api.sail-personalize.com Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.dealnews.com/pages/sweepstakes/
Frame ID: 72FD5DAC95289F256A0446164CEF3BA5
Requests: 62 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: BF826C1F93CA8832296A4B9B34BACBF1
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=normal&cb=c3g3njg6fvr
Frame ID: 7DEF3AE4B3D755D3E6F95F2F5C64FD34
Requests: 4 HTTP requests in this frame

Frame: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Frame ID: 9A8EC4A6C52E0ECC656122AE3BD598DB
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys
Frame ID: C0FEE0F9412EE51F6744CC3C6DE6FE1A
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fapp.viralsweep.com
Frame ID: 516B3DFFB181F184712C0FA400E76405
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0BC39D71465ACCC0B425A00CCB060FD4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html
Frame ID: 67720FBB52A1AB05E8A4540963AE15DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sweepstakes

Page URL History Show full URLs

https://lnkd.in/gE6BwhRS HTTP 301
https://swee.ps/DdDjcU_gOxKTxE HTTP 302
https://app.viralsweep.com/rin/111411/3735932 HTTP 302
https://www.dealnews.com/pages/sweepstakes/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js
accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

108
Requests

98 %
HTTPS

55 %
IPv6

29
Domains

41
Subdomains

39
IPs

5
Countries

2140 kB
Transfer

6233 kB
Size

35
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.uniconsent.com/?utm_source=widget&utm_medium=v2&utm_campaign=cmpui

Search URL Search Domain Scan URL

URL: https://www.chainsawselector.com/?utm_source=main-nav&utm_medium=link
Title: Chainsaws

Search URL Search Domain Scan URL

URL: https://www.generatortools.com/?utm_source=main-nav&utm_medium=link
Title: Generators

Search URL Search Domain Scan URL

URL: https://www.wakeupsleepyhead.com/?utm_source=main-nav&utm_medium=link
Title: Mattresses

Search URL Search Domain Scan URL

URL: https://www.powerstationpros.com/?utm_source=main-nav&utm_medium=link
Title: Power Stations

Search URL Search Domain Scan URL

URL: https://www.360powertools.com/?utm_source=main-nav&utm_medium=link
Title: Power Tools

Search URL Search Domain Scan URL

URL: https://www.theprojectorexpert.com/?utm_source=main-nav&utm_medium=link
Title: Projectors

Search URL Search Domain Scan URL

URL: https://www.refrigeratorhq.com/?utm_source=main-nav&utm_medium=link
Title: Refrigerators

Search URL Search Domain Scan URL

URL: https://www.washersdryers360.com/?utm_source=main-nav&utm_medium=link
Title: Washers & Dryers

Search URL Search Domain Scan URL

URL: http://corp.dealnews.com/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.facebook.com/dealnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/125457

Search URL Search Domain Scan URL

URL: http://www.twitter.com/DealNews

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkd.in/gE6BwhRS HTTP 301
https://swee.ps/DdDjcU_gOxKTxE HTTP 302
https://app.viralsweep.com/rin/111411/3735932 HTTP 302
https://www.dealnews.com/pages/sweepstakes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=F5C9C329A6E64501B903980CE40B86ED&RedC=c.clarity.ms&MXFR=04BE259AE43C61B01257346FE03C6F79 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=F5C9C329A6E64501B903980CE40B86ED&MUID=17CBF55B6B1265B214F4E4AE6AC06450

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dealnews.com/pages/sweepstakes/
Redirect Chain

https://lnkd.in/gE6BwhRS
https://swee.ps/DdDjcU_gOxKTxE
https://app.viralsweep.com/rin/111411/3735932
https://www.dealnews.com/pages/sweepstakes/

469 KB
125 KB

435ms
323ms

Document
text/html

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: dcb1b911633a60b3b59fde3a013b53839a39997a4ae38d6bca3764d492ddcabc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 127260
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 08:44:56 GMT
server: nginx/1.20.2
vary: Origin, Accept-Encoding, User-Agent, Fastly-SSL
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 4, 0
x-dn-device-target: DESKTOP
x-dn-page-id: sweepstakes/
x-dn-page-type: MISC

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 734dc62d8fe0cc36-ZRH
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Aug 2022 08:44:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.dealnews.com/pages/sweepstakes/#f3735932
pragma: no-cache
server: cloudflare

GET
H/1.1 200
OK dealnews.js Show response
dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/ 3 KB
2 KB 66ms
18ms Script
application/javascript 199.232.192.249
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/dealnews.js
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8878de93f0391bd93c2be05c5e49401ea10d8b78dc6a20efe8ea965ac227b32b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: e_Hivs1vUww2Ib7jnD5DbXsUBBjgyIJk
Content-Encoding: gzip
ETag: "32f51fcfd631eee226e954a037edd9df"
Age: 1183371
X-Cache: HIT
Connection: keep-alive
X-S3-Url: /dealnews.uploads/dealnews-js/1.18.0/dealnews.js
Content-Length: 1259
X-Served-By: cache-hhn4049-HHN
Last-Modified: Mon, 11 Jul 2022 19:04:02 GMT
Server: AmazonS3
Date: Wed, 03 Aug 2022 08:44:56 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: max-age=2628000
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 session.php Show response
www.dealnews.com/lw/ 712 B
916 B 137ms
136ms Script
application/x-javascript 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/lw/session.php?ts=617823600647817.8&p=2&u=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&l=atl&d=DESKTOP&n=&g=Pages&r=&t=MISC&i=sweepstakes%2F&w=1600&h=1200
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 142afcad252ecef04c50112c431d48b88b03f80915ab396a5928fb6e91012e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/pages/sweepstakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
server: nginx/1.20.2
vary: Origin, Accept-Encoding, Fastly-SSL
x-cache: MISS
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
expires: 0
cache-control: private, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0

GET
H2 200 stub.min.js Show response
cmp.uniconsent.com/v2/ 2 KB
1 KB 105ms
35ms Script
application/javascript 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/stub.min.js
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db8a2379e7116a57079ac0a520e4939767d0a98e8961368bb0e09f9199f5bfa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33294
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Feb 2022 11:32:06 GMT
server: cloudflare
etag: W/"44feca040eb8a4e006870e57965cadd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoBN3%2FuN4AMdGxMRiTs9KbrFuldZEwgbZ9%2FZSdj4JNMknHI5OrxPcHuCc8wzKKMo9k2UMwC3D0Ibsuhk%2FZ67EEM3fI9m%2B5WUS0fIKtIT6iCaXg1H242mSny2NL8twhnSwNk%2FsI2K8I6a%2BQmaqzJ8SMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 734dc6347e00ba89-MXP

GET
H2 200 cmp.js Show response
cmp.uniconsent.com/v2/7630b75630/ 2 KB
1 KB 109ms
41ms Script
application/javascript 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/7630b75630/cmp.js
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db625c9b1dfda87270acb2cee33549589e2e922eefdb6e602fbe3ef86f48c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7492
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 23:27:32 GMT
server: cloudflare
etag: W/"efbbe6423ce561f71d04c6f825584941"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwmFU0OsT56cHO0QYI30xJGldvKVR2hLLV7kjcFcC33PPVuf0Gd15FBlsqUBO8%2FXA5c5%2FzRogCe1CzU8WTCBduY8P8Ky739CYBud%2BJkdRpqJ09A2ldiTPGJ%2FDjRVSCA1zHhusFkph2YUQrcZL2RjJ7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 734dc6347e04ba89-MXP

GET
H/1.1 200
OK dn-logo-white-web.png
c.dlnws.com/image/upload/c_scale,w_100/creative/logos/ 981 B
2 KB 104ms
17ms Image
image/png 151.101.129.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/c_scale,w_100/creative/logos/dn-logo-white-web.png
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 06a8ac62f1f1eb0935471679b9fd58e360ff81ace219f1c3c651fb535dd83cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:56 GMT
Via: 1.1 varnish
Age: 707313
Edge-Cache-Tag: 57740901878353323500040926339409063230,209298555926272943066138725513038242539,61a8d6e101361542271c7d2de6c10548
Cache-Tag: 57740901878353323500040926339409063230,209298555926272943066138725513038242539,61a8d6e101361542271c7d2de6c10548
X-Cache: HIT
Connection: keep-alive
Content-Length: 981
X-Served-By: cache-hhn4021-HHN
Last-Modified: Thu, 02 Jul 2020 11:05:10 GMT
Server: cloudinary
X-Timer: S1659516296.413477,VS0,VE1
Etag: "0cb3c1eede4e3032386a315a6918ba72"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H2 200 vsa-widget-6cc07f-117135.js Show response
app.viralsweep.com/ 8 KB
3 KB 553ms
553ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viralsweep.com/vsa-widget-6cc07f-117135.js?sid=117135_304552

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2530fe7b3c144b97bf0ce10a5effc51e41fbfd0352b58a3ef4763cbc1e20ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 03 Aug 2022 08:44:56 GMT
server: cloudflare
cross-origin-embedder-policy: require-corp
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734dc6341846cc36-ZRH
expires: Wed, 10 Aug 2022 08:44:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 71ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EN54Z97LG4

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8f9c5538d165124bc9719847b61c270593b738cd7cb506eea36d4cedb9d52e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73072
x-xss-protection: 0
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H2 200 5f0dcacb5440c8001264fa6f Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 89 KB
18 KB 89ms
19ms Script
application/javascript 13.32.99.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-40.fra60.r.cloudfront.net
Software: /
Resource Hash: b06aa526b2e195b72ae8094c9846133b98d3ffcd3eccf6903cd583df1a3e5c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:35:47 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
age: 549
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA60-P3
content-encoding: gzip
x-amz-cf-id: 8txQdzumTfhe4bQ0R6Zp6x6jOOFW7NKalm_l3nDEW0nDAtPkp7p6Tw==

GET
H2 200 main.min.js Show response
cmp.uniconsent.com/v2/ 124 KB
36 KB 35ms
34ms Script
application/javascript 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/main.min.js
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/7630b75630/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbeff590700782181d808a1d71764cba258112f17912edd3f4c52cf4e6511a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33299
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Jul 2022 23:22:03 GMT
server: cloudflare
etag: W/"cc60d36a591e3f0181adc5b1cbf17fdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX2KmiWkcDqL%2F9HJLA%2B8UVuE7ATe6i8FrMLs5PxsCMKVfyEz7Fq9igh%2FNFdowv%2BmjN3DJ7mNLaK8DLoluEQoUWQQm5K%2Fn%2BUIpshx7GWsJQi0%2F5krMKAkjfuJW3bUhRuep%2BYF4VdvEyVcIYtHllj2yWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 734dc6350ee3ba89-MXP

POST
H2 204 ul.php
www.dealnews.com/lw/ 0
164 B 139ms
138ms Ping
text/html 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/lw/ul.php
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dealnews.com/pages/sweepstakes/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
via: 1.1 varnish
server: nginx/1.20.2
vary: Origin, Fastly-SSL
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dealnews.com
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: MISS
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0

GET
H/1.1 200
OK google_icon.svg
c.dlnws.com/image/upload/v1568828759/creative/icons/ 833 B
2 KB 16ms
16ms Image
image/svg+xml 151.101.129.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/v1568828759/creative/icons/google_icon.svg
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:56 GMT
Via: 1.1 varnish
Age: 2450583
Edge-Cache-Tag: 170326365378043225325708294669163328194,61a8d6e101361542271c7d2de6c10548
Cache-Tag: 170326365378043225325708294669163328194,61a8d6e101361542271c7d2de6c10548
Content-Disposition: attachment; filename="google_icon.svg"
Connection: keep-alive
Content-Length: 833
X-Served-By: cache-hhn4021-HHN
X-Cache: HIT
Last-Modified: Wed, 18 Sep 2019 17:46:01 GMT
Server: cloudinary
X-Timer: S1659516296.488393,VS0,VE1
Etag: "780db3ae8cb057382ca45805f832c0ab"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H/1.1 200
OK facebook_icon_white.svg
c.dlnws.com/image/upload/v1569600470/creative/icons/ 463 B
1 KB 32ms
16ms Image
image/svg+xml 151.101.129.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/v1569600470/creative/icons/facebook_icon_white.svg
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:56 GMT
Via: 1.1 varnish
Age: 122118
Edge-Cache-Tag: 109077654884003298465842748263680756279,61a8d6e101361542271c7d2de6c10548
Cache-Tag: 109077654884003298465842748263680756279,61a8d6e101361542271c7d2de6c10548
Content-Disposition: attachment; filename="facebook_icon_white.svg"
Connection: keep-alive
Content-Length: 463
X-Served-By: cache-hhn4021-HHN
X-Cache: HIT
Last-Modified: Fri, 27 Sep 2019 16:07:52 GMT
Server: cloudinary
X-Timer: S1659516297.504461,VS0,VE1
Etag: "17ec5c0c5eac4015d4a5433768a37074"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H/1.1 200
OK newuserlb_close.png
c.dlnws.com/image/upload/v1626722028/dealnews/images/2013/icons/ 644 B
1 KB 40ms
16ms Image
image/png 151.101.129.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/v1626722028/dealnews/images/2013/icons/newuserlb_close.png
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a0a0137eab139b6a47e43ce907a0552975fc9b69aff3335779ef178f653bd70f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:56 GMT
Via: 1.1 varnish
Age: 117766
Edge-Cache-Tag: 293115396676462056160908609363347698810,61a8d6e101361542271c7d2de6c10548
Cache-Tag: 293115396676462056160908609363347698810,61a8d6e101361542271c7d2de6c10548
X-Cache: HIT
Connection: keep-alive
Content-Length: 644
X-Served-By: cache-hhn4021-HHN
Last-Modified: Mon, 19 Jul 2021 19:13:49 GMT
Server: cloudinary
X-Timer: S1659516297.521173,VS0,VE1
Etag: "183d70a6cacbd81b9dfe3db4eed05337"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
994 B 64ms
25ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ed5bee2dc7a807c5c4ec63ac82cc522f33f1a8441d5aedf5c5739aae76a78bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 88ms
49ms Script
application/javascript 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7967dc46934e91f079f43bb63a2cf61d460983c29a783dd6c4fd2a6ed70d8f53

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RCGALYI_MpH6YffgmlSoHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RCGALYI_MpH6YffgmlSoHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 53ms
17ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48bc4287447d371cf1257655cf3c16359786b3d054d725a4daabcf96e7de5d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: knF+YBpSgazZNNotq9BckA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Ir0vuDlZ74kOrauYLo3AkbRh766cheTMHvafVaagTCkatMYsEPE1J7WVg+hscAktDwYkam6cPV27DNomBWOQNg==
x-fb-trip-id: 686109401
x-fb-content-md5: bc5bc7d20724648e783bc643ea5a23a8
x-frame-options: DENY
date: Wed, 03 Aug 2022 08:44:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f9cf09dbda48b09bc8396dfdff8461c6"
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:53:42 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 62ms
24ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=onGoogleLoadCallback

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42eb49e849d81d731e1675df419b1d3f6e0eac902c3c9166e939062e7d12c5b5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20366
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 03 Aug 2022 08:44:56 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c3b9cd26fed1e652"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
58 KB 63ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

279ae110ead152f77f41b3077877e9b4cf7294b3c3a05c1f809be7d9bd4be47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59594
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6176
date: Wed, 03 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 09:02:00 GMT

GET
H2 200 589xd066238.js Show response
tracker.marinsm.com/tracker/async/ 5 KB
2 KB 72ms
17ms Script
text/javascript 13.32.121.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.marinsm.com/tracker/async/589xd066238.js
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-3.fra60.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: a586732e33eaf1f7580044488d6a2370885c9221b2f532999bef43b4f7c67442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 06:31:42 GMT
content-encoding: gzip
server: Apache/2.4.6 (CentOS)
age: 7994
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-marintrackerversion: 3
x-amz-cf-id: EpmLM3hV_aiGERxjP3w44El_DHaVICMkYba5CfnOZxeuVa_LuDXIGA==
expires: Wed, 03 Aug 2022 06:34:35 GMT

POST
H2 200 logger.php
www.dealnews.com/lw/ 16 B
92 B 322ms
321ms Ping
application/json 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/lw/logger.php
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.dealnews.com/pages/sweepstakes/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
server: nginx/1.20.2
vary: Origin, Accept-Encoding, Fastly-SSL
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dealnews.com
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: MISS
accept-ranges: bytes
x-robots-tag: noindex
via: 1.1 varnish
x-cache-hits: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 64ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EN54Z97LG4&gtm=2oe811&_p=1846469738&_z=ccd.v9B&cid=2119909745.1659516303&ul=en-us&sr=1600x1200&_s=1&sid=1659516302&sct=1&seg=0&dl=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F&dt=Sweepstakes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EN54Z97LG4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dealnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 config.json Show response
cmp.uniconsent.com/v2/7630b75630/ 16 KB
3 KB 102ms
75ms Fetch
application/json 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/7630b75630/config.json
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a273ad0ee20b9373d7782e9e8cfea5d677aecb90a51c261004d05bfaf7a8b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Jul 2022 23:27:32 GMT
server: cloudflare
etag: W/"031254d4eead5a0580dd9a73fa3f9006"
x-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aq8J46A1jJrgvHX5%2FHwWh43LH%2B%2FKOCDVRW8Bmvn5%2BT3SJCb8zEozRHmQyDvInQmW3cFO3yOuGM9Wm6yNM5c690EgH9kOy8Un0YOzVnhOBerAhop6tmgXlZAzLO3TcrX0geZM6rJ2bvhQhxuFlBZnoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 734dc6360f02bb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 34ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a55bcb2b7e558e28a321d59b0dd7df4e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

560b8f32868d309c01c530af78dade7ac7c2671d20b5a3b7054e080e60e5dbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dealnews.com/
Origin: https://www.dealnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6sAVgwKjDl/4xI9W266XCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87844
x-fb-rlafr: 0
x-fb-debug: hupv4becChuYBANb4Gfz09y6n1JPzb3zvvpGMSsNUfV20A0hvMtYY7Z5cX3zwFW5cSzDoHHurNLM0tuQXuH5EA==
x-fb-content-md5: 67909d6a533d0e37dce9705556458487
x-frame-options: DENY
date: Wed, 03 Aug 2022 08:44:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "67726d5cd7abfeab3e63a4f4799b10f2"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 03 Aug 2023 07:32:28 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ 381 KB
152 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dealnews.com/
Origin: https://www.dealnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154709
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 08:37:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 55ms
23ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1846469738&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F&ul=en-us&de=UTF-8&dt=Sweepstakes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABQAAAAC~&jid=2015246212&gjid=1958077288&cid=2119909745.1659516303&tid=UA-70020-1&_gid=874837765.1659516303&_r=1&_slc=1&cd1=Pages&cd2=&cd3=DESKTOP&cd5=mo5vrpnjybudui14l3oslsBQ1MTqD6aJ&cm1=1&cm2=0&cg1=Pages&cg2=&z=348305871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dealnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dealnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 108 KB
36 KB 56ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onGoogleLoadCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6794d47a8523e3b8e01da75558c3723fed6dd8e6c017fb05663c0a6de85543ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36514
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 19:21:34 GMT

GET
H2 200 tp
tracker.marinsm.com/ 36 B
492 B 19ms
19ms Image
image/gif 13.32.121.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.marinsm.com/tp?act=1&cid=589xd066238&tz=&ref=&page=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&uuid=596BF237-9EA6-4BE7-9DE0-DDE1616FCC3F&rnd=794099608
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-3.fra60.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) /
Resource Hash: be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:56 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
server: Apache/2.4.6 (CentOS)
x-amz-cf-pop: FRA60-P1
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-cache
x-marintrackerversion: 3
content-length: 36
x-amz-cf-id: vOlelvBh0TiBryiQNJujEgghxiZt3TD3zOvs_jC_asQhYH3PvtKvmw==

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 112ms
71ms Stylesheet
text/css 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XC5UQY1JVNcD1OFYzfE5lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-XC5UQY1JVNcD1OFYzfE5lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 75ms
36ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=240283651047-2k9j9dpqt61kh002lfn5f9dptm2vo4bt.apps.googleusercontent.com&as=iREiFO4rAb5Uv60wVxwz2Q

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59d9e806cfc0669226437a9816bbe568c85ae5b05ffc48e0e51f2e3fdb36205d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Aeee_SBmTKngwZ6LmUjj7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dealnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Aeee_SBmTKngwZ6LmUjj7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ul.php
www.dealnews.com/lw/ 0
32 B 130ms
126ms Ping
text/html 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/lw/ul.php
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dealnews.com/pages/sweepstakes/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
via: 1.1 varnish
server: nginx/1.20.2
vary: Origin, Fastly-SSL
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dealnews.com
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: MISS
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-613657585

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f9be67d588e3db920a9d440e2b73ced7ba9a3ca0a883e614c21881a8566c099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45580
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Aug 2022 08:44:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 98ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70020-1&cid=2119909745.1659516303&jid=2015246212&gjid=1958077288&_gid=874837765.1659516303&_u=YADAAAAAQAAAAC~&z=1951713777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dealnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Aug 2022 08:44:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.dealnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 97ms
27ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=16976398217&ev=fb_page_view&dl=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&rl=&if=false&ts=1659516302703&sw=1600&sh=1200&at=

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H3 200 / Show response
cmp.uniconsent.com/json/ 68 B
615 B 72ms
70ms Fetch
application/json 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/json/
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5761ebabd5515a18c4efec869b05067a642af79d50e7068342dc628b7d942ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYSwJTRvkRjsBIw0%2BoHhlVz9%2Ft92Uojll687rn0IO9toR9xxsA9MoqMNORI7iL4VtXLLhJUwEqM7OCoUCaN1r%2FiTKISkwpXwDXsexznZYtfz0cT6XfJEKsfm%2BvilRNuzvc0Gw1uZCFqDuhOzmt2u6l0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 734dc6368fbfbb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 iframe Show response
accounts.google.com/o/oauth2/ Frame BF82 280 B
260 B 33ms
32ms Document
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c1d534896b735916430a046958ef9cc3f95aca20987ef59bde2b6e531d49187

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k7YAELgDOAoExxHcjSL7-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dealnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-k7YAELgDOAoExxHcjSL7-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 08:44:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7DEF 44 KB
23 KB 84ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=normal&cb=c3g3njg6fvr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a86c36e76c41215172eff5b7894ab294de967a18907828b9317d58dc705d506e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QSrY9mHC2fWEJRPH9tPezw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dealnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23854
content-security-policy: script-src 'report-sample' 'nonce-QSrY9mHC2fWEJRPH9tPezw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 08:44:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 86ms
31ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-613657585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 136ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FC0868687D24073945AB441AC434F9F Ref B: FRAEDGE1309 Ref C: 2022-08-03T08:44:56Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 03 Aug 2022 08:44:56 GMT
accept-ranges: bytes
content-length: 11367

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame BF82 2 KB
845 B 36ms
36ms Other
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97f8fb6326899d149f7df41d92bbc4276e7ab886160d335862cd70c780f7e0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.gRfE7Gh3sgI.es5.O/d=1/rs=AOaEmlFN2tFlVCqE7XUpcBD-YLtB4VDAIg/ Frame BF82 99 KB
34 KB 57ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.gRfE7Gh3sgI.es5.O/d=1/rs=AOaEmlFN2tFlVCqE7XUpcBD-YLtB4VDAIg/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713f3e6eee0cfdc3f37e91481ea6e68a322ba58e6cb2b653596f1c4604e3081b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 01:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34707
x-xss-protection: 0
last-modified: Sat, 23 Jul 2022 06:42:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 01:00:40 GMT

GET
H2 200 ads.js Show response
v3s8r2c3.stackpathcdn.com/ 140 B
356 B 100ms
30ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://v3s8r2c3.stackpathcdn.com/ads.js?a=1&ad_block=1
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baae017ded2089d8c6173a41598210e58dc9d501966fa06916e92080cdba8623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 15:12:12 GMT
server: AmazonS3
etag: "b590bb023f189f4af7c50dc2454950d2"
x-cache-status: HIT
x-hw: 1659516296.cds206.lo4.hn,1659516296.cds080.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 141

GET
H3 200 vendor-list.json Show response
cmp.uniconsent.com/v2/ 367 KB
50 KB 67ms
66ms Fetch
application/json 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/vendor-list.json
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec24698047d7bfa844d3e4983cce7a4f59abaaff393a0d0d2224113584362c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 02 Aug 2022 19:10:03 GMT
server: cloudflare
etag: W/"2b8af41de61c2a60a23810292ef4f1c8"
x-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYoKtQAPRI%2B%2BoT9td7WbwexDsKgmZ3M3vAiQklFV3DNwzwxXJ0sThBT6YR52t3IUTZ9CerA5DJ00etl6VTFVLZta9BwOG1RZgG1xCeZzHMMeuyX0yZJ2L%2FeFjwBjuGcwNT%2FdcBrBwqUufmJQPLDh%2Fc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 734dc637288bbb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame 7DEF 51 KB
24 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=normal&cb=c3g3njg6fvr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 08:00:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame 7DEF 381 KB
151 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154709
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 08:37:12 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame BF82 49 B
95 B 36ms
35ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.dealnews.com&client_id=240283651047-2k9j9dpqt61kh002lfn5f9dptm2vo4bt.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.gRfE7Gh3sgI.es5.O/d=1/rs=AOaEmlFN2tFlVCqE7XUpcBD-YLtB4VDAIg/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-jB96rIDUv-M224vnuKRWng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-jB96rIDUv-M224vnuKRWng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires: Wed, 03 Aug 2022 08:44:56 GMT

GET
H2 200 6cc07f-117135 Show response
app.viralsweep.com/vrlswp/widget/ Frame 9A8E 61 KB
20 KB 199ms
198ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=

Requested by

Host: app.viralsweep.com
URL: https://app.viralsweep.com/vsa-widget-6cc07f-117135.js?sid=117135_304552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1607bccac2fe0de160cec7240b74b7bbb7e1963482a38e34ce4eb9b2a04b9066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dealnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 734dc637ac8ecc36-ZRH
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 08:44:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 26 Jul 1997 05:00:00 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/ 2 KB
2 KB 69ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/?random=1659516302889&cv=9&fst=1659516302889&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F&tiba=Sweepstakes&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18d93a7baefb9086dc48716fbeb29ae804103b069442c18534020bdef537ac22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 additional-consent-providers.json Show response
cmp.uniconsent.com/v2/7630b75630/ 6 KB
2 KB 61ms
61ms Fetch
application/json 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/7630b75630/additional-consent-providers.json
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c99b275992ca8a266e28a63871495e0460786d88982c6d605b592ca1bcf0fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 23:27:32 GMT
server: cloudflare
etag: W/"83d0c5560c957e4f1acfab737f08510a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6cqYmeh2Pgas8TaHkPnRSiuV%2B7J4gD6BONxJs2YyJf3uybMuEG7fOAw6853%2BtwuW6ol200eT5szDTXlH5veEzGMI%2BymcX54qFCwGr0%2BM3byulTyqw%2F69vHe8%2B%2BeZ2QYw75486fzlcowzjkGVi8STrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 734dc6384a97bb06-MXP

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7DEF 102 B
134 B 25ms
25ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=normal&cb=c3g3njg6fvr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 03 Aug 2022 08:44:57 GMT

GET
H2 200 36002962.js Show response
bat.bing.com/p/action/ 1 KB
843 B 195ms
195ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/36002962.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3e39c57adf3cbcd6ca29c644705ed27b86afabb0599418399be038e9a5b2937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F834FD4D5524C5B915747A396820044 Ref B: FRAEDGE1309 Ref C: 2022-08-03T08:44:57Z
date: Wed, 03 Aug 2022 08:44:56 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 37ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=36002962&Ver=2&mid=ac183488-9c4b-4c8f-993c-abc8a8b15f78&sid=90e6cb60130811ed819bd75139c019f6&vid=90e6cea0130811ed840b5fadb8b5c2dd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sweepstakes&p=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&r=&lt=1802&evt=pageLoad&sv=1&rn=878607

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B2C135310BD49FEB2F107497958DD8D Ref B: FRAEDGE1309 Ref C: 2022-08-03T08:44:57Z
date: Wed, 03 Aug 2022 08:44:56 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/613657585/ 42 B
64 B 80ms
79ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/613657585/?random=1659516302889&cv=9&fst=1659513600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F&tiba=Sweepstakes&async=1&fmt=3&is_vtc=1&random=2618212954&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/613657585/ 42 B
548 B 73ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/613657585/?random=1659516302889&cv=9&fst=1659513600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F&tiba=Sweepstakes&async=1&fmt=3&is_vtc=1&random=2618212954&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C0FE 7 KB
1 KB 30ms
30ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2e1da024abd208cd4ba2c6ecfe62d17998196e49726084dedbc01bf6d70fda8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aIUxJxXRdUzD93IuupQ5Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dealnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-aIUxJxXRdUzD93IuupQ5Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 08:44:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vendors-v2.js Show response
cmp.uniconsent.com/v2/ 98 KB
12 KB 34ms
34ms Script
application/javascript 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/vendors-v2.js
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec28527364d3d772a2cc0694e94868572ecca7fb0534e7e3d20d7b3f7cc72737

Request headers

Referer: https://www.dealnews.com/
Origin: https://www.dealnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81748
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Jul 2022 23:22:04 GMT
server: cloudflare
etag: W/"bd3c93230638ab5ff7d2cbf08f972020"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBId62smg0QRkB3%2FORtZWQn%2BQgotd3oa3gEotnZesPdkp7DxEvcwYmJPu0yI2lePkUtnOJ%2BZOdXShbBNdP%2F2S5qWEJK0BQdKc55fv3XLmE91%2BPYQas%2FkrJ90gL31Q32rd0cUUBSouffQlNeG%2BNMrGao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 734dc6393bddbb06-MXP

GET
H2 200 css_v3.css
app.viralsweep.com/assets/css/template/ Frame 9A8E 156 KB
26 KB 64ms
61ms Stylesheet
text/css 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/assets/css/template/css_v3.css?v=3.69.2
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5177282c58f260dff4e5b3613125b9649d2de1921a17317a8909310779728778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 44844
cf-polished: origSize=179645
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset:UTF-8;charset=UTF-8
cache-control: public, max-age=604800
last-modified: Tue, 02 Aug 2022 20:17:33 GMT
cf-ray: 734dc6398f0ccc36-ZRH
expires: Wed, 10 Aug 2022 08:44:57 GMT

GET
H2 200 vsfont.css
app.viralsweep.com/assets/fonts/vsfont/css/ Frame 9A8E 11 KB
2 KB 48ms
42ms Stylesheet
text/css 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/assets/fonts/vsfont/css/vsfont.css?v=3.69.2
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c85b5491e0512d8588e5c3766c8d633b37ec95a8f959257c484237c0dbe46f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 20:20:36 GMT
server: cloudflare
age: 44844
cf-polished: origSize=17172
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
cf-ray: 734dc6399f0fcc36-ZRH
cf-bgj: minify

GET
H2 200 intlTelInput.css
app.viralsweep.com/vendor/phone_country_codes/build/css/ Frame 9A8E 21 KB
3 KB 43ms
38ms Stylesheet
text/css 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/vendor/phone_country_codes/build/css/intlTelInput.css?v=3.69.2
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a7127ca3e71af55acbd07ce9e2036b1b5157961101bf101d5087f26c2fb437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Nov 2019 20:37:13 GMT
server: cloudflare
age: 44844
cf-polished: origSize=21726
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
cf-ray: 734dc6399f11cc36-ZRH
cf-bgj: minify

GET
H2 200 ie.css
app.viralsweep.com/assets/css/template/ Frame 9A8E 0
121 B 42ms
37ms Stylesheet
text/css 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/assets/css/template/ie.css?v=3.69.2
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2016 17:58:22 GMT
server: cloudflare
age: 44844
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 734dc6399f12cc36-ZRH
content-length: 0
cf-bgj: minify

GET
H2 200 all.css
app.viralsweep.com/assets/js/vendor/fontawesome/css/ Frame 9A8E 54 KB
12 KB 51ms
46ms Stylesheet
text/css 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/assets/js/vendor/fontawesome/css/all.css?v=3.69.2
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e339ddf03ac269a3f0bbc0dc98a1edab0442b0792d5c9c9fb57a6da3ba21ae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Nov 2019 20:37:13 GMT
server: cloudflare
age: 44844
cf-polished: origSize=68879
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
cf-ray: 734dc6399f14cc36-ZRH
cf-bgj: minify

GET
H2 200 google_fonts.css
app.viralsweep.com/assets/css/ Frame 9A8E 143 KB
26 KB 53ms
48ms Stylesheet
text/css 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/assets/css/google_fonts.css
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0296bf9d275d44175cf85cffd003870681ccb411616fc78ace01484ae64c585d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 17:55:30 GMT
server: cloudflare
age: 44844
cf-polished: origSize=169115
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
cf-ray: 734dc6399f15cc36-ZRH
cf-bgj: minify

GET
H2 200 api.js Show response
app.viralsweep.com/cdn-cgi/bm/cv/669835187/ Frame 9A8E 35 KB
9 KB 33ms
32ms Script
text/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viralsweep.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 734dc63a0fbbcc36-ZRH

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame C0FE 51 KB
24 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 08:00:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame C0FE 381 KB
151 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154709
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 08:37:12 GMT

GET
H/1.1 200
OK DealNewsLogo72.jpg
c.dlnws.com/image/upload/v1508176230/creative/logos/ 83 KB
83 KB 19ms
16ms Image
image/jpeg 151.101.129.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/v1508176230/creative/logos/DealNewsLogo72.jpg
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7099dd20f42416efe0f32b2a8dcc9c27bb3346a9fc3d92134d29e5bfc2dd7bb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:57 GMT
Via: 1.1 varnish
Age: 710990
Edge-Cache-Tag: 310959523375278717090633252128564987877,61a8d6e101361542271c7d2de6c10548
Cache-Tag: 310959523375278717090633252128564987877,61a8d6e101361542271c7d2de6c10548
X-Cache: HIT
Connection: keep-alive
Content-Length: 84661
X-Served-By: cache-hhn4021-HHN
Last-Modified: Mon, 16 Oct 2017 17:50:31 GMT
Server: cloudinary
X-Timer: S1659516297.235283,VS0,VE1
Etag: "c52b5dae538015465689ab48f2fea626"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H3 200 logo.svg
cmp.uniconsent.com/ 8 KB
4 KB 49ms
46ms Image
image/svg+xml 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp.uniconsent.com/logo.svg
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66414f480cc47033946213660ba8447212cdbcbabdf62d3f050909caf70b294f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33237
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 01 Dec 2019 20:31:39 GMT
server: cloudflare
etag: W/"a527b034a2737a9eae360eafecae3eec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zj6ylu5CvOp8OFqB3Htgo9gdSlDOhBiYcNy58nxD7bdPdkSF3QDzitLlTPT26xolxlTl43m%2FH3h7jpye9UV%2FanKA7lcagMR6g4%2FSqUuQewIf%2FnZ8kSySKOai5RikQTxxBjExXLhTx75Vma3QTNgWzxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 734dc639bbfa59cb-MXP

GET
H2 200 36002962 Show response
www.clarity.ms/tag/uet/ 3 KB
3 KB 275ms
149ms Script
application/x-javascript 2620:1ec:27::cafe:1993
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/36002962
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/36002962.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1993 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8cfba391aa63e8924581c52f27edbda9e21b5838723dfad7035322b38662d3e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:56 GMT
x-powered-by: ASP.NET
x-azure-ref: 0iTXqYgAAAADYpwolP39/QIPTVUqn8aJtSEVMMDFFREdFMjAxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 e9b8752a54e85282108ff90af87e25a9.js Show response
app.viralsweep.com/temp/ Frame 9A8E 449 KB
126 KB 61ms
58ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/temp/e9b8752a54e85282108ff90af87e25a9.js
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ad38337c03a20868e53308e0d9b158799941cc76c94265a441264cef7867797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Jun 2022 12:53:43 GMT
server: cloudflare
age: 15669
cf-polished: origSize=459665
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
cf-ray: 734dc639cf53cc36-ZRH
cf-bgj: minify

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ Frame 9A8E 361 B
431 B 184ms
30ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 203
access-control-expose-headers: X-CDN

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 9A8E 21 KB
21 KB 58ms
17ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: app.viralsweep.com
URL: https://app.viralsweep.com/assets/css/google_fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.viralsweep.com/
Origin: https://app.viralsweep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 20:39:29 GMT
x-content-type-options: nosniff
age: 561928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Jul 2023 20:39:29 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9A8E 49 KB
20 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6177
date: Wed, 03 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 09:02:00 GMT

GET
H2 200 vsfont.woff2
app.viralsweep.com/assets/fonts/vsfont/font/ Frame 9A8E 34 KB
34 KB 47ms
46ms Font
font/woff2 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/assets/fonts/vsfont/font/vsfont.woff2?96637732
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/assets/js/vendor/fontawesome/css/all.css?v=3.69.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6488611c4f30d8755cbb87802c4866ca16da8f92891d5c84cf9da35c6c167d7

Request headers

Referer: https://app.viralsweep.com/assets/js/vendor/fontawesome/css/all.css?v=3.69.2
Origin: https://app.viralsweep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 20:20:36 GMT
server: cloudflare
age: 3467
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 734dc63a886bcc36-ZRH
content-length: 34584
expires: Wed, 03 Aug 2022 09:14:57 GMT

GET
BLOB 200
OK 2ba15060-992e-4873-8744-af5dd7e0d31e
https://app.viralsweep.com/ Frame 9A8E 7 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viralsweep.com/2ba15060-992e-4873-8744-af5dd7e0d31e
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dfc67da32a0bd7106b8cd7b016c5d76e6065b853b9b1d7dd581d6b7486108e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 7605

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 9A8E 3 KB
2 KB 37ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48bc4287447d371cf1257655cf3c16359786b3d054d725a4daabcf96e7de5d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: knF+YBpSgazZNNotq9BckA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Ir0vuDlZ74kOrauYLo3AkbRh766cheTMHvafVaagTCkatMYsEPE1J7WVg+hscAktDwYkam6cPV27DNomBWOQNg==
x-fb-content-md5: bc5bc7d20724648e783bc643ea5a23a8
x-frame-options: DENY
date: Wed, 03 Aug 2022 08:44:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f9cf09dbda48b09bc8396dfdff8461c6"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 03 Aug 2022 08:53:42 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 9A8E 96 KB
29 KB 122ms
21ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/temp/e9b8752a54e85282108ff90af87e25a9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9F) /
Resource Hash: ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:57 GMT
Content-Encoding: gzip
Age: 253
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29212
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:07:06 GMT
Server: ECS (amb/6B9F)
Etag: "3b16e031477759af620cd0de990c6783+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 qsg27lrjshze1g8oijkh.png
res.cloudinary.com/viralsweep/image/upload/w_900,f_auto,dpr_1.0,fl_lossy,c_limit,q_auto/v1659360982/ Frame 9A8E 53 KB
54 KB 92ms
26ms Image
image/webp 2a04:4e42:200::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/viralsweep/image/upload/w_900,f_auto,dpr_1.0,fl_lossy,c_limit,q_auto/v1659360982/qsg27lrjshze1g8oijkh.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

937f73f849b7e7f6403832fd102f138c6132628caf3207ff4cb42dfecc3b99fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="qsg27lrjshze1g8oijkh.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-08-03T08:44:57.546Z;desc=hit,rtt;dur=23
vary: Save-Data
content-length: 54460
last-modified: Mon, 01 Aug 2022 13:47:47 GMT
server: Cloudinary
etag: "e3bcd251c599230ad93261dfca3650bb"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 9A8E 2 B
22 B 22ms
22ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2003006669&t=pageview&_s=1&dl=https%3A%2F%2Fapp.viralsweep.com%2Fvrlswp%2Fwidget%2F6cc07f-117135%3Frndid%3D117135_304552%26framed%3D1%26vs_eid_hash%3D%26ref%3D%26source_url%3Dhttps%253A%252F%252Fwww.dealnews.com%252Fpages%252Fsweepstakes%252F%2523f3735932%26hsh%3Df3735932%26hash%3D&dr=https%3A%2F%2Fwww.dealnews.com%2F&ul=en-us&de=UTF-8&dt=Enter%20daily%20for%20a%20chance%20to%20WIN%20%241%2C000!&sd=24-bit&sr=1600x1200&vp=900x148&je=0&_u=IEBAAAABAAAAAC~&jid=375333669&gjid=1868735260&cid=1752697294.1659516303&tid=UA-34544759-2&_gid=2043197108.1659516303&_r=1&_slc=1&z=1977711412

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.viralsweep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.viralsweep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 9A8E 302 KB
86 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a55bcb2b7e558e28a321d59b0dd7df4e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

560b8f32868d309c01c530af78dade7ac7c2671d20b5a3b7054e080e60e5dbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.viralsweep.com/
Origin: https://app.viralsweep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6sAVgwKjDl/4xI9W266XCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87844
x-fb-rlafr: 0
x-fb-debug: hupv4becChuYBANb4Gfz09y6n1JPzb3zvvpGMSsNUfV20A0hvMtYY7Z5cX3zwFW5cSzDoHHurNLM0tuQXuH5EA==
x-fb-content-md5: 67909d6a533d0e37dce9705556458487
x-frame-options: DENY
date: Wed, 03 Aug 2022 08:44:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "67726d5cd7abfeab3e63a4f4799b10f2"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 03 Aug 2023 07:32:28 GMT

POST
H2 204 result Show response
app.viralsweep.com/cdn-cgi/bm/cv/ Frame 9A8E 0
310 B 34ms
33ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/cdn-cgi/bm/cv/result?req_id=734dc637ac8ecc36
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
server: cloudflare
cf-ray: 734dc63baa07cc36-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.36/ 52 KB
23 KB 147ms
147ms Script
application/javascript 2620:1ec:27::cafe:1993
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/36002962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1993 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
etag: "1d8a0e15023e426"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0iTXqYgAAAAA6AxC3Yxc3RazQC2C4ljkkSEVMMDFFREdFMjAxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ Frame 9A8E 66 KB
18 KB 30ms
30ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.5051961492933728
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 18679
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html Show response
platform.twitter.com/widgets/ Frame 516B 320 KB
104 KB 21ms
21ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fapp.viralsweep.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAD) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://app.viralsweep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 475260
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Aug 2022 08:44:57 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 19 Jul 2022 20:05:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BAD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 516B 513 B
523 B 510ms
128ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1f719ea5cbc54273e175da3644a17c325ae72e37

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fapp.viralsweep.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 113
date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 08:44:58 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 307351d42fc94b54d05f73ac7ac1cbcbcd0d2c95e95bfd6bd6d551dc11135319
content-length: 242

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ Frame 9A8E 23 KB
9 KB 61ms
15ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: app.viralsweep.com
URL: https://app.viralsweep.com/vrlswp/widget/6cc07f-117135?rndid=117135_304552&framed=1&vs_eid_hash=&ref=&source_url=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F%23f3735932&hsh=f3735932&hash=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-request-id: E2CJN5V9SREG4G4Q
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9086
x-amz-id-2: Og4u3sX7SFAJCTh5ItVvTVula6RDVoVw2DOB98y7/Faxsk4+Bzqh3hUBaobzzWbhVK22o6IYlIY=
x-served-by: cache-hhn4076-HHN
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1659516298.726910,VS0,VE0
date: Wed, 03 Aug 2022 08:44:57 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 95

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 0BC3 2 KB
1 KB 16ms
15ms Document
text/html 13.32.99.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-40.fra60.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://www.dealnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 518
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 08:36:19 GMT
vary: accept-encoding
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: ilvOovl8fWt4e28EYChSeV-BZmb8lbZI1qh78RHVKLrIL06UCnVDsA==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=F5C9C329A6E64501B903980CE40B86ED&RedC=c.clarity.ms&MXFR=04BE259AE43C61B01257346FE03C6F79
https://c.clarity.ms/c.gif?CtsSyncId=F5C9C329A6E64501B903980CE40B86ED&MUID=17CBF55B6B1265B214F4E4AE6AC06450

42 B
369 B

36ms
36ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=F5C9C329A6E64501B903980CE40B86ED&MUID=17CBF55B6B1265B214F4E4AE6AC06450
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:57 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:44:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BEA5A62D2424DB5B3F50E527DBA6C1A Ref B: FRAEDGE1309 Ref C: 2022-08-03T08:44:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=F5C9C329A6E64501B903980CE40B86ED&MUID=17CBF55B6B1265B214F4E4AE6AC06450
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 vsa-lightbox-a322c7-111411.js Show response
app.viralsweep.com/ 97 KB
34 KB 49ms
49ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viralsweep.com/vsa-lightbox-a322c7-111411.js?sid=111411_539834

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e74050db1d30e27cef3d52fd1ee7ddc72200f8139e8aa942bd87160efc8c4206

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32063
cross-origin-embedder-policy: require-corp
cf-polished: origSize=102186
last-modified: Tue, 02 Aug 2022 23:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Wed, 10 Aug 2022 08:44:57 GMT
cache-control: public, max-age=604800
cf-ray: 734dc63cfb8bcc36-ZRH
cf-bgj: minify

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 119ms
31ms Script
application/javascript 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:43:06 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 112
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: 5aTkOvNftIB1Gsqi9chlhfqBqZxdEhwatSApjthUwKEPY5TP58mS8A==

GET
H/1.1 200
OK 1c9b88d932 Show response
bam.nr-data.net/1/ Frame 9A8E 49 B
720 B 295ms
247ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1c9b88d932?a=88700390&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=875&ref=https://app.viralsweep.com/vrlswp/widget/6cc07f-117135&be=393&fe=784&dc=568&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1659516302887,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:3,%22rp%22:201,%22rpe%22:314,%22dl%22:256,%22di%22:567,%22ds%22:567,%22de%22:579,%22dc%22:784,%22l%22:784,%22le%22:787%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:58 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 734dc63d5b90997b-FRA

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
224 B 131ms
130ms Fetch
text/html 35.170.12.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-248.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.dealnews.com/
key: 5f0dcacb5440c8001264fa6f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dealnews.com
date: Wed, 03 Aug 2022 08:44:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 332ms
108ms Preflight
application/json 35.170.12.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-248.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.dealnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://www.dealnews.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 03 Aug 2022 08:44:58 GMT
vary: accept-encoding

POST
H2 204 collect Show response
b.clarity.ms/ 0
176 B 372ms
105ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dealnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.dealnews.com
date: Wed, 03 Aug 2022 08:44:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 136ms
135ms Fetch
text/html 3.224.82.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.82.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-82-150.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.dealnews.com/
key: 5f0dcacb5440c8001264fa6f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 08:44:58 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 330ms
108ms Preflight 3.224.82.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.82.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-82-150.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.dealnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Wed, 03 Aug 2022 08:44:58 GMT

GET
H2 200 qsg27lrjshze1g8oijkh.png
res.cloudinary.com/viralsweep/image/upload/w_900,f_auto,dpr_1.0,fl_lossy,c_limit,q_auto/v1659360982/ Frame 9A8E 53 KB
53 KB 27ms
27ms Image
image/webp 2a04:4e42:200::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/viralsweep/image/upload/w_900,f_auto,dpr_1.0,fl_lossy,c_limit,q_auto/v1659360982/qsg27lrjshze1g8oijkh.png

Requested by

Host: app.viralsweep.com
URL: https://app.viralsweep.com/temp/e9b8752a54e85282108ff90af87e25a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

937f73f849b7e7f6403832fd102f138c6132628caf3207ff4cb42dfecc3b99fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:57 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="qsg27lrjshze1g8oijkh.webp"
server-timing: fastly;dur=1;start=2022-08-03T08:44:57.895Z;desc=hit,rtt;dur=24
vary: Save-Data
content-length: 54460
last-modified: Mon, 01 Aug 2022 13:47:47 GMT
server: Cloudinary
etag: "e3bcd251c599230ad93261dfca3650bb"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 initialize Show response
api.sail-personalize.com/v1/personalize/ 91 B
332 B 109ms
107ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 47ee9c993a8085085478ed4f113ffbb0ae789b067340f8775958a41803d097d7

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer fc290d0337542b458a7edd2973d6f557
content-type: application/json
accept: application/json
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
x-referring-url: https://www.dealnews.com/pages/sweepstakes/

Response headers

date: Wed, 03 Aug 2022 08:44:58 GMT
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 91
allowedmethods: GET,OPTIONS

OPTIONS
H2 200 initialize
api.sail-personalize.com/v1/personalize/ Frame 0
0 373ms
105ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.dealnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.dealnews.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Wed, 03 Aug 2022 08:44:58 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 521ms
321ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dealnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.dealnews.com
date: Wed, 03 Aug 2022 08:44:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ Frame 9A8E 7 KB
3 KB 22ms
21ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9F) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 08:44:58 GMT
Content-Encoding: gzip
Age: 475253
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:46 GMT
Server: ECS (amb/6B9F)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html Show response
platform.twitter.com/widgets/ Frame 6772 40 KB
15 KB 22ms
22ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9F) /
Resource Hash: d3a80a9b4f42d0a0d9bab3c816f48c2be0103e114ca3b15f6afea21367dbc987

Request headers

Referer: https://app.viralsweep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 475250
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15049
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Aug 2022 08:44:58 GMT
Etag: "b920a29baf855db414b687e4804194fd+gzip"
Last-Modified: Tue, 19 Jul 2022 20:04:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B9F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=2
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9A8E 43 B
357 B 124ms
123ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fapp.viralsweep.com%2Fvrlswp%2Fwidget%2F6cc07f-117135%3Frndid%3D117135_304552%26framed%3D1%26vs_eid_hash%3D%26ref%3D%26source_url%3Dhttps%253A%252F%252Fwww.dealnews.com%252Fpages%252Fsweepstakes%252F%2523f3735932%26hsh%3Df3735932%26hash%3D%23f3735932%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1659516304231%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=1f719ea5cbc54273e175da3644a17c325ae72e37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 03 Aug 2022 08:44:58 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 307351d42fc94b54d05f73ac7ac1cbcbcd0d2c95e95bfd6bd6d551dc11135319
x-transaction: 3333f0db8706fd52
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3 204 edge Show response
cmp.uniconsent.com/v2/ 0
549 B 109ms
108ms XHR
application/json 2606:4700:3037::ac43:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.uniconsent.com/v2/edge
Requested by: Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dealnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 08:44:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krwiqCVB1ooS6JRARHHUTpXyNB7uBr1bB72insNICeKt%2FDcAtO6hJ4Y58%2Fv%2Bjgt1BisuAL%2Fln9wjxCOHsjaTJiE55wqpzJu3Ip8nBP%2FB%2BSIhX4EekqDPAX%2B9mYCrYd0YRtZYxKhI4Pk8M%2FTh9IHR1Yc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 734dc6400ee7bb06-MXP
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 info.json Show response
cdn.syndication.twimg.com/widgets/followbutton/ Frame 6772 230 B
722 B 145ms
27ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=en&screen_names=DealNews

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6287) /

Resource Hash

9e051c0e8f2fec6d91a7256269170936244655eb9029a6aa9b198e4b5299d3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=7
vary: Accept-Encoding
content-length: 175
x-xss-protection: 0
x-response-time: 101
last-modified: Wed, 03 Aug 2022 08:43:20 GMT
server: ECS (lhb/6287)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Wed, 03 Aug 2022 08:54:58 GMT
cache-control: must-revalidate, max-age=600
x-connection-hash: 3725290126795947c29181006d534d609f80aa4d6853c47b9d7f1e146f4afa1b
accept-ranges: bytes
timing-allow-origin: *
x-transaction: c5fea940696d8886
access-contol-allow-origin: platform.twitter.com

GET
H2 200 /
log.pinterest.com/ Frame 9A8E 0
333 B 160ms
109ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=8Jdaz5QoJoVj&tv=2021110201&event=init&sub=www&button_count=0&follow_count=1&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fapp.viralsweep.com%2Fvrlswp%2Fwidget%2F6cc07f-117135%3Frndid%3D117135_304552%26framed%3D1%26vs_eid_hash%3D%26ref%3D%26source_url%3Dhttps%253A%252F%252Fwww.dealnews.com%252Fpages%252Fsweepstakes%252F%2523f3735932%26hsh%3Df3735932%26hash%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viralsweep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:58 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-cache-hits: 0
content-length: 0
x-served-by: cache-hhn4075-HHN
pragma: no-cache
server: envoy
x-timer: S1659516299.639810,VS0,VE94
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 1555793680771182
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 ul.php
www.dealnews.com/lw/ 0
89 B 135ms
134ms Ping
text/html 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/lw/ul.php
Requested by: Host: www.dealnews.com
URL: https://www.dealnews.com/pages/sweepstakes/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dealnews.com/pages/sweepstakes/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Wed, 03 Aug 2022 08:44:58 GMT
via: 1.1 varnish
server: nginx/1.20.2
vary: Origin, Fastly-SSL
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.dealnews.com
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: MISS
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 57ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EN54Z97LG4&gtm=2oe811&_p=1846469738&_z=ccd.v9B&cid=2119909745.1659516303&ul=en-us&sr=1600x1200&_s=2&sid=1659516302&sct=1&seg=0&dl=https%3A%2F%2Fwww.dealnews.com%2Fpages%2Fsweepstakes%2F&dt=Sweepstakes&en=scroll&epn.percent_scrolled=90&_et=16
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EN54Z97LG4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dealnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 08:45:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dealnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.viralsweep.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2d86b094b047d118f61fcf0c4672cc26
.app.viralsweep.com/	1970-01-20 13:44:12	Name: sfsf Value: 1
.app.viralsweep.com/	1970-01-20 06:25:00	Name: rid_111411 Value: 3735932
.dealnews.com/	1970-01-20 14:34:36	Name: dnvta Value: %7B%22uid%22%3A%22mo5vrpnjybudui14l3oslsBQ1MTqD6aJ%22%2C%22vid%22%3A%22mp5vrpnjyc8dui14l3oslMbMcPqnwpk9%22%2C%22fvts%22%3A1659516296%2C%22vsts%22%3A1659516296%2C%22lpvts%22%3A1659516296%2C%22lvts%22%3A0%2C%22ref%22%3A%22d41d8cd98f00b204e9800998ecf8427eda39a3ee5e6b4b0d3255bfef95601890afd80709%22%2C%22usid%22%3A0%2C%22ct%22%3A1%2C%22cr%22%3A1659516296%7D
.dealnews.com/	1970-01-20 14:34:36	Name: privacy_banner Value: 1
.dealnews.com/	1970-01-20 14:34:36	Name: _ga_EN54Z97LG4 Value: GS1.1.1659516302.1.0.1659516302.0
.dealnews.com/	1970-01-20 14:34:36	Name: _ga Value: GA1.2.2119909745.1659516303
.dealnews.com/	1970-01-20 05:00:02	Name: _gid Value: GA1.2.874837765.1659516303
.dealnews.com/	1970-01-20 04:58:36	Name: _gat Value: 1
.dealnews.com/	1970-01-20 13:44:12	Name: _msuuid_589xd066238 Value: 596BF237-9EA6-4BE7-9DE0-DDE1616FCC3F
.marinsm.com/	1970-01-20 13:44:12	Name: _msuuid Value: 596BF237-9EA6-4BE7-9DE0-DDE1616FCC3F
.www.dealnews.com/	1970-01-20 14:34:36	Name: G_ENABLED_IDPS Value: google
.dealnews.com/	1970-01-20 07:08:12	Name: _gcl_au Value: 1.1.1190805639.1659516303
.facebook.com/	1970-01-20 07:08:12	Name: fr Value: 0lvgRRQYj5LaJIH5F..Bi6jWI...1.0.Bi6jWI.
.dealnews.com/	1970-01-20 12:10:36	Name: __unid Value: bd082b3a-d13a-82d9-adf4-10f95bdeebd6
.google.com/	1970-01-20 09:22:07	Name: NID Value: 511=qbcOis74-Yq0t1QHVJ9WVXoC125vtl4FvIfETSC9FKRugAyHPu4NTFe2HiTpRttrCko1djXdnQpkR5K7DaB_MgtLtHfjJX9DOuUc-xbS9KKVTAhSclfJ4mi08SxNyDzUgef3qFBFj4WiK8k_dQE3MrNYzYqOn2_FOSuyRCE3-Do
.bing.com/	1970-01-20 14:20:12	Name: MUID Value: 17CBF55B6B1265B214F4E4AE6AC06450
.doubleclick.net/	1970-01-20 04:58:37	Name: test_cookie Value: CheckForPermission
.dealnews.com/	1970-01-20 05:00:02	Name: _uetsid Value: 90e6cb60130811ed819bd75139c019f6
.dealnews.com/	1970-01-20 14:20:12	Name: _uetvid Value: 90e6cea0130811ed840b5fadb8b5c2dd
.app.viralsweep.com/	1970-01-20 04:58:36	Name: viewed_117135 Value: 1659516297
.app.viralsweep.com/	1970-01-20 14:34:36	Name: _ga Value: GA1.3.1752697294.1659516303
.app.viralsweep.com/	1970-01-20 05:00:02	Name: _gid Value: GA1.3.2043197108.1659516303
.app.viralsweep.com/	1970-01-20 04:58:36	Name: _gat_viralsweep_tracker1 Value: 1
www.clarity.ms/	1970-01-20 13:44:12	Name: CLID Value: 00e5ae828b4b4acd9d9bb0533f1ee0e8.20220803.20230803
.viralsweep.com/	1970-01-20 04:58:38	Name: __cf_bm Value: NSxW_arBT49a2l2FRaINSwxN5qIYi9rKKWqZBGlEmb0-1659516297-0-ASKUhctcFE0UqjcOhJoFslBsmfX0AzJUutqUWJyK5BeXJcdgq1keXB7qPLwzKoKKccrgrZyVT5SJt0+RbaO2T0mO11G3G5NdYq0LMdpP0pYSvU+Vv8goUz0CRDqftNTbWq/9qRYhPEILVT1tFXowljkMx/9dI8TXT/wm1UPKPdcu
.dealnews.com/	1970-01-20 13:44:12	Name: _clck Value: 1lfb2m6\|1\|f3p\|0
www.dealnews.com/	1969-12-31 23:59:59	Name: vs_timer_control Value: 1
www.dealnews.com/	1970-01-20 04:58:38	Name: sailthru_pageviews Value: 1
.c.bing.com/	1970-01-20 14:20:12	Name: SRM_B Value: 17CBF55B6B1265B214F4E4AE6AC06450
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:20:12	Name: MUID Value: 17CBF55B6B1265B214F4E4AE6AC06450
.c.clarity.ms/	1970-01-20 04:58:36	Name: ANONCHK Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 21a64f3f099cef82
.dealnews.com/	1970-01-20 05:00:02	Name: _clsk Value: pf9sqm\|1659516304173\|1\|1\|b.clarity.ms/collect

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
other	error	URL: https://www.dealnews.com/pages/sweepstakes/#f3735932 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ak.sail-horizon.com
api.pushnami.com
api.sail-personalize.com
apis.google.com
app.viralsweep.com
assets.pinterest.com
b.clarity.ms
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
c.dlnws.com
cdn.syndication.twimg.com
cmp.uniconsent.com
connect.facebook.net
dealnews.a.ssl.fastly.net
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
lnkd.in
log.pinterest.com
platform.twitter.com
psp.pushnami.com
region1.google-analytics.com
res.cloudinary.com
stats.g.doubleclick.net
swee.ps
syndication.twitter.com
tracker.marinsm.com
trc.pushnami.com
v3s8r2c3.stackpathcdn.com
www.clarity.ms
www.dealnews.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.8
13.107.42.14
13.32.121.3
13.32.99.40
151.101.129.95
151.101.130.49
151.101.192.84
151.101.66.137
151.139.128.11
162.247.241.14
172.217.18.2
18.66.15.50
199.232.192.249
20.234.93.27
20.75.32.255
2001:4860:4802:34::36
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3037::ac43:992a
2606:4700::6812:7b9
2620:1ec:27::cafe:1993
2620:1ec:c11::200
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200d
2a00:1450:400c:c00::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::393
2a04:4e42:4b::84
2a06:98c1:3120::3
3.224.82.150
35.170.12.248
75.2.40.13
0296bf9d275d44175cf85cffd003870681ccb411616fc78ace01484ae64c585d
03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f
06a8ac62f1f1eb0935471679b9fd58e360ff81ace219f1c3c651fb535dd83cc3
08a7127ca3e71af55acbd07ce9e2036b1b5157961101bf101d5087f26c2fb437
0c1d534896b735916430a046958ef9cc3f95aca20987ef59bde2b6e531d49187
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
142afcad252ecef04c50112c431d48b88b03f80915ab396a5928fb6e91012e83
1607bccac2fe0de160cec7240b74b7bbb7e1963482a38e34ce4eb9b2a04b9066
18d93a7baefb9086dc48716fbeb29ae804103b069442c18534020bdef537ac22
1c2530fe7b3c144b97bf0ce10a5effc51e41fbfd0352b58a3ef4763cbc1e20ce
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
279ae110ead152f77f41b3077877e9b4cf7294b3c3a05c1f809be7d9bd4be47d
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
39c99b275992ca8a266e28a63871495e0460786d88982c6d605b592ca1bcf0fc
3f9be67d588e3db920a9d440e2b73ced7ba9a3ca0a883e614c21881a8566c099
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42eb49e849d81d731e1675df419b1d3f6e0eac902c3c9166e939062e7d12c5b5
47ee9c993a8085085478ed4f113ffbb0ae789b067340f8775958a41803d097d7
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48bc4287447d371cf1257655cf3c16359786b3d054d725a4daabcf96e7de5d6d
5177282c58f260dff4e5b3613125b9649d2de1921a17317a8909310779728778
52dfc67da32a0bd7106b8cd7b016c5d76e6065b853b9b1d7dd581d6b7486108e
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
560b8f32868d309c01c530af78dade7ac7c2671d20b5a3b7054e080e60e5dbde
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5761ebabd5515a18c4efec869b05067a642af79d50e7068342dc628b7d942ca1
59d9e806cfc0669226437a9816bbe568c85ae5b05ffc48e0e51f2e3fdb36205d
5db625c9b1dfda87270acb2cee33549589e2e922eefdb6e602fbe3ef86f48c34
5e339ddf03ac269a3f0bbc0dc98a1edab0442b0792d5c9c9fb57a6da3ba21ae4
66414f480cc47033946213660ba8447212cdbcbabdf62d3f050909caf70b294f
6794d47a8523e3b8e01da75558c3723fed6dd8e6c017fb05663c0a6de85543ec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd
6ed5bee2dc7a807c5c4ec63ac82cc522f33f1a8441d5aedf5c5739aae76a78bc
7099dd20f42416efe0f32b2a8dcc9c27bb3346a9fc3d92134d29e5bfc2dd7bb0
713f3e6eee0cfdc3f37e91481ea6e68a322ba58e6cb2b653596f1c4604e3081b
7967dc46934e91f079f43bb63a2cf61d460983c29a783dd6c4fd2a6ed70d8f53
8878de93f0391bd93c2be05c5e49401ea10d8b78dc6a20efe8ea965ac227b32b
8cfba391aa63e8924581c52f27edbda9e21b5838723dfad7035322b38662d3e7
937f73f849b7e7f6403832fd102f138c6132628caf3207ff4cb42dfecc3b99fd
97f8fb6326899d149f7df41d92bbc4276e7ab886160d335862cd70c780f7e0a1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad38337c03a20868e53308e0d9b158799941cc76c94265a441264cef7867797
9e051c0e8f2fec6d91a7256269170936244655eb9029a6aa9b198e4b5299d3c3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0a0137eab139b6a47e43ce907a0552975fc9b69aff3335779ef178f653bd70f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e1da024abd208cd4ba2c6ecfe62d17998196e49726084dedbc01bf6d70fda8
a586732e33eaf1f7580044488d6a2370885c9221b2f532999bef43b4f7c67442
a86c36e76c41215172eff5b7894ab294de967a18907828b9317d58dc705d506e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b06aa526b2e195b72ae8094c9846133b98d3ffcd3eccf6903cd583df1a3e5c93
b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b8f9c5538d165124bc9719847b61c270593b738cd7cb506eea36d4cedb9d52e0
baae017ded2089d8c6173a41598210e58dc9d501966fa06916e92080cdba8623
bbeff590700782181d808a1d71764cba258112f17912edd3f4c52cf4e6511a25
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f
c85b5491e0512d8588e5c3766c8d633b37ec95a8f959257c484237c0dbe46f44
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d3a80a9b4f42d0a0d9bab3c816f48c2be0103e114ca3b15f6afea21367dbc987
d6488611c4f30d8755cbb87802c4866ca16da8f92891d5c84cf9da35c6c167d7
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db8a2379e7116a57079ac0a520e4939767d0a98e8961368bb0e09f9199f5bfa6
dcb1b911633a60b3b59fde3a013b53839a39997a4ae38d6bca3764d492ddcabc
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e39c57adf3cbcd6ca29c644705ed27b86afabb0599418399be038e9a5b2937
e74050db1d30e27cef3d52fd1ee7ddc72200f8139e8aa942bd87160efc8c4206
e8a273ad0ee20b9373d7782e9e8cfea5d677aecb90a51c261004d05bfaf7a8b4
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
ec28527364d3d772a2cc0694e94868572ecca7fb0534e7e3d20d7b3f7cc72737
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
eec24698047d7bfa844d3e4983cce7a4f59abaaff393a0d0d2224113584362c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

www.dealnews.com Open in urlscan Pro 151.101.130.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

98 %HTTPS

55 %IPv6

29 Domains

41 Subdomains

39 IPs

5 Countries

2140 kBTransfer

6233 kBSize

35 Cookies

13 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dealnews.com Open in urlscan Pro
151.101.130.49 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

98 %
HTTPS

55 %
IPv6

29
Domains

41
Subdomains

39
IPs

5
Countries

2140 kB
Transfer

6233 kB
Size

35
Cookies

108 HTTP transactions
0 data transactions