jeepsaut.com/4/5305849/
139.45.197.238200 OK 828 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (463)
Hash d727a4e82f064c64d5a3d5994bc41dcf
b5ba3784d16e9608562e27e4e16f85439ffd740c
b502900bde982c6469b5a24019bb9e32cf0f3dcf3cfb7948a2d8900ce3f62cdd
GET /4/5305849/ HTTP/1.1
Host: jeepsaut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 22:11:16 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8971ccdc8449471e37ffa011d7af866d
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://sweepstakessurveytoday.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=95c5193e172242e4a7f6471e43b4d827; expires=Thu, 08 Feb 2024 22:11:16 GMT; path=/
oaidts=1675894276; expires=Thu, 08 Feb 2024 22:11:16 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12567
Expires: Thu, 09 Feb 2023 01:40:44 GMT
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11462
Expires: Thu, 09 Feb 2023 01:22:19 GMT
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6382
Expires: Wed, 08 Feb 2023 23:57:39 GMT
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:36:44 GMT
content-type: application/json
age: 2073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY=
x-amz-request-id: 2KDPBNEGR57EJ1TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:46:07 GMT
age: 1510
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c14e228f19415f2af825294ff401241
dabb4fa3c22980b27aa873fd8aa429366655c95e
df9ed274a8026ea08f348145695717b6f8a11fa8f3c14e60b30b4cd60f7e2fde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF9ED274A8026EA08F348145695717B6F8A11FA8F3C14E60B30B4CD60F7E2FDE"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16901
Expires: Thu, 09 Feb 2023 02:52:58 GMT
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
jeepsaut.com/favicon.ico
139.45.197.238204 No Content 0 B IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: jeepsaut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=95c5193e172242e4a7f6471e43b4d827; oaidts=1675894276
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
my.rtmark.net/img.gif?f=merge&userId=95c5193e172242e4a7f6471e43b4d827
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=95c5193e172242e4a7f6471e43b4d827
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=95c5193e172242e4a7f6471e43b4d827 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=95c5193e172242e4a7f6471e43b4d827; expires=Thu, 08 Feb 2024 22:11:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0928e5ba43d8f4f647781d53e733ee1e
4c890cdda7d65e75013f149e76dcefd83303947c
afd3d78e2754d77bfc00502298aa8373f21d5f20f1c4f39872109b1d915b768a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=101974
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:11:17 GMT
Etag: "63e3095b-117"
Expires: Fri, 10 Feb 2023 02:30:51 GMT
Last-Modified: Wed, 08 Feb 2023 02:30:51 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0928e5ba43d8f4f647781d53e733ee1e
4c890cdda7d65e75013f149e76dcefd83303947c
afd3d78e2754d77bfc00502298aa8373f21d5f20f1c4f39872109b1d915b768a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=101974
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:11:17 GMT
Etag: "63e3095b-117"
Expires: Fri, 10 Feb 2023 02:30:51 GMT
Last-Modified: Wed, 08 Feb 2023 02:30:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
sweepstakessurveytoday.com/js/_is-browser-supported.e7018771.js
188.114.96.1200 OK 2.8 kB URL HTTP/2 sweepstakessurveytoday.com/js/_is-browser-supported.e7018771.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (1001), with no line terminators
Hash 86d771e3ae7d1d757a13162195a24cbd
66bd58a86debb4a4ad93e8f312059eac7185377d
a04bbece994c1951e17fbf41870c5b5fe8df199e985965dc13d7a538c7fa6158
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_is-browser-supported.e7018771.js HTTP/1.1
Host: sweepstakessurveytoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63e3940b-3e9"
last-modified: Wed, 08 Feb 2023 12:22:35 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 5651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MWE5JLSGmv4L1wKrypE063T5sKiDmWBTNpFfL3PMEjy30Tva64mkm5PWNlKO59rC3jvTddRZuKcvUx0LvBaCKmmFiT28y0Jc2Dy2bXQiwn%2Boa2%2FMJ%2FyUwnc6%2FjXDCZ0lkeVoQVcHDvd09JwBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967b342bbe1b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 65e5ab4f82c81559f325a29accf0bf28
9309157bf49604715e464b88eff460028a944eaf
d14c4193927d6b30b223fcff22e6c3aa2c892fa2f7f72aba08d2dcb5b240f228
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f5d93a9e2e0d4bb7a4cced9f48a02945; expires=Thu, 08 Feb 2024 22:11:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:14:52 GMT
age: 3385
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 5.0 kB IP 93.184.220.29:0
Hash ab7570c5449d5bf38156d122feabe214
2838ab8b3fd9c822e58a739209be0afad610244b
fe563b7fd65220717daa7d9c7259a8076fb5bda0568bc568f4989163334314cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5755
Cache-Control: max-age=162482
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:11:17 GMT
Etag: "63e3df3c-118"
Expires: Fri, 10 Feb 2023 19:19:19 GMT
Last-Modified: Wed, 08 Feb 2023 17:43:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
cdntechone.com/stattag.js
188.114.96.1200 OK 7.0 kB URL HTTP/2 cdntechone.com/stattag.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (17301), with no line terminators
Hash d9fd7e1155ebd1b4a7d50f4b03764244
b6f8ee2388d7ca6835362c9b979030cf8165fd1f
09095820c9298ddcd4a93624fcbc1c94593816fc3c2ffd27997266645f8218b3
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:45 GMT
etag: W/"63dd36b5-4395"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5560
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMRBEqUd4m5scDUaz46CKBqEcTr1mi%2BAk5h9M9r8Xyjkto%2Fsbm6awt%2BLn50pnfDo5etOiqOQuS3s3Lhoc%2FATRV116v7rHa3e264mooVc0I6xwBu6ddFMx0XSOxquFKdvIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967b344697fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 5c85486ed88db3997ca80812fba6d63f
85b2ed15cf705390df4506eb0923574177cf5b99
cb896352caeb3927a2c90ff92123a3226eb2e7b3ec01bb252e3c4cd168fafa76
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:11:17 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 12 Feb 2023 20:02:49 GMT
ETag: "85b2ed15cf705390df4506eb0923574177cf5b99"
Last-Modified: Wed, 08 Feb 2023 20:02:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3093
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967b3452bf0b4eb-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4cea5d215ec900e91f4d018b9133f99
16d19bcd339413530980babb9e82fc84a7cdd402
4d04c1fe58eefbbcf19f3e326cd52df0cfa0ebbc6a1da62f521ae7264867c4c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D04C1FE58EEFBBCF19F3E326CD52DF0CFA0EBBC6A1DA62F521AE7264867C4C3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8293
Expires: Thu, 09 Feb 2023 00:29:30 GMT
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Wed, 08 Feb 2023 22:53:33 GMT
Date: Wed, 08 Feb 2023 22:11:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9bb077f501697149d17a958de17f9ea
2c1f0a0d330ed20fbabbf8005dd726fcab890cc7
0efab6eab1484bff48e8cdd6e23b0dbed9917d65014eb47f7d91377c05f95564
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EFAB6EAB1484BFF48E8CDD6E23B0DBED9917D65014EB47F7D91377C05F95564"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Thu, 09 Feb 2023 01:26:49 GMT
Date: Wed, 08 Feb 2023 22:11:18 GMT
Connection: keep-alive
laugoust.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=sweepstakessurveytoday.com&var=5305849&ymid=&var_3=647310113258082358&dsig=&action=prerequest
139.45.197.250200 OK 0 B URL HTTP/2 laugoust.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=sweepstakessurveytoday.com&var=5305849&ymid=&var_3=647310113258082358&dsig=&action=prerequest
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /zone?&pub=0&zone_id=4843177&is_mobile=false&domain=sweepstakessurveytoday.com&var=5305849&ymid=&var_3=647310113258082358&dsig=&action=prerequest HTTP/1.1
Host: laugoust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:11:18 GMT
content-length: 0
x-trace-id: b6389ab5407c7757dfcdda7a48fdb6e4
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 75 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type ASCII text, with very long lines (2572), with no line terminators
Hash d4a81011a2dce2db7d9552af97fddf24
5d2c46db97ae019052c64a60d65291cf712cd70e
30973094c6a190c625b7c5be15104cb1697422e510b62a28d4e22233a0c28c7c
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Wed, 08 Feb 2023 22:11:17 GMT
access-control-allow-origin: *
etag: "63e36f34-12029"
expires: Wed, 08 Feb 2023 23:11:17 GMT
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash acc084ec1034e326115ac510c8f75873
c82ed8688905d6fa3c9fdf7f7e53be6249eb2fee
b3c200a1cc9987df99e07e1ea764940398698dc73210d7c50479555e99753d08
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:11:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 17:19:52 GMT
Expires: Sun, 12 Feb 2023 17:19:51 GMT
Etag: "c82ed8688905d6fa3c9fdf7f7e53be6249eb2fee"
Cache-Control: max-age=327512,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967b3458ef1b512-OSL
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1472
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 08 Feb 2023 22:11:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://sweepstakessurveytoday.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
push.services.mozilla.com/
35.160.240.54101 Switching Protocols 494 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.240.54:0
Hash af72947741a5cb3bfea691aee4cc0bf3
d2e02108f93ae5ab3045842c33d966f12dbbda42
2307ce9df94f8cb06beb7007c1b69b24e6c60df94c675253da6658d4e3bcc6f0
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KfYg6/m9FCJnZMp/MsFofw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 40zhKUSHq7k62DUiEm+LmGbYO4s=
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: *
etag: "63e36f34-2b"
expires: Wed, 08 Feb 2023 23:11:18 GMT
accept-ranges: bytes
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A535%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894334%3Ac%3A1%3Arn%3A518105157%3Arqn%3A1%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C45%2C1%2C%2C0%2C%2C130%2C2%2C%2C%2C%2C546%3Aco%3A0%3Ans%3A1675894333350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894334%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A535%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894334%3Ac%3A1%3Arn%3A518105157%3Arqn%3A1%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C45%2C1%2C%2C0%2C%2C130%2C2%2C%2C%2C%2C546%3Aco%3A0%3Ans%3A1675894333350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894334%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 523823dc27ede569a1fd26a5a8fa5ad8
da6a7350b26f93e866028c212b7f80e0851244f8
fb9cb7730f32e8689989834c143b39288a2694dbffa9f032b2725f33396c5e23
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A535%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894334%3Ac%3A1%3Arn%3A518105157%3Arqn%3A1%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C45%2C1%2C%2C0%2C%2C130%2C2%2C%2C%2C%2C546%3Aco%3A0%3Ans%3A1675894333350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894334%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A535%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894334%3Ac%3A1%3Arn%3A518105157%3Arqn%3A1%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C231%2C45%2C1%2C%2C0%2C%2C130%2C2%2C%2C%2C%2C546%3Aco%3A0%3Ans%3A1675894333350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894334%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
set-cookie: yabs-sid=1153709621675894278; Path=/; SameSite=None; Secure
i=e393/SkSAt52+Jr5aoSjLkAIrGx74L8Wa0n4hlxugwiItees900D/aMLf4+mTMXTRaNqViMwYRek4TTnTjbsgoUxXmM=; Expires=Sat, 05-Feb-2033 22:11:15 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2048564921675894278; Expires=Thu, 08-Feb-2024 22:11:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2048564921675894278; Expires=Thu, 08-Feb-2024 22:11:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1707430278.yc.1675894278#1707430278.yrts.1675894278#1707430278.yrtsi.1675894278; Expires=Thu, 08-Feb-2024 22:11:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A48201380%3Arqn%3A2%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1130%2C1130%2C0%2C%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A48201380%3Arqn%3A2%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1130%2C1130%2C0%2C%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonSurveyStart&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A48201380%3Arqn%3A2%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1130%2C1130%2C0%2C%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 79
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A1067725859%3Arqn%3A3%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A1067725859%3Arqn%3A3%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonAdexCall&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A1067725859%3Arqn%3A3%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A547861873%3Arqn%3A5%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A547861873%3Arqn%3A5%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A547861873%3Arqn%3A5%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A278265903%3Arqn%3A4%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A278265903%3Arqn%3A4%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A278265903%3Arqn%3A4%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonNotificationPermission&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A137746466%3Arqn%3A6%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonNotificationPermission&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A137746466%3Arqn%3A6%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonNotificationPermission&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A137746466%3Arqn%3A6%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A927224470%3Arqn%3A8%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A927224470%3Arqn%3A8%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A927224470%3Arqn%3A8%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A722772112%3Arqn%3A7%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A722772112%3Arqn%3A7%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonAdexLoad&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A722772112%3Arqn%3A7%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonGetIppRotate&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A521670350%3Arqn%3A9%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonGetIppRotate&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A521670350%3Arqn%3A9%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurveytoday.com%2FonGetIppRotate&page-ref=https%3A%2F%2Fsweepstakessurveytoday.com%2Fsweeps-survey.html%3Foffer_id%3D112755%26geo%3DNO%26oaid%3D95c5193e172242e4a7f6471e43b4d827%26s%3D647310113258082358%26z%3D5305849%26b%3D14374854%26var%3D%26campaignid%3D5958240%26utm_campaign%3D%26utm_medium%3D5305849%26utm_source%3Dzd_5958240%26utm_term%3D14374854%26utm_content%3Dzd_public_v2%26country%3DNO%26testinapp%3D4333347%26testinapp%3D4834358%26rdk%3Drk1&charset=utf-8&hittoken=1675894278_c2be922ce7c6767ebd75e657c0025730f87a1771eade995c1e6a644fa222de42&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1100834788291%3Ahid%3A899584867%3Az%3A0%3Ai%3A20230208221214%3Aet%3A1675894335%3Ac%3A1%3Arn%3A521670350%3Arqn%3A9%3Au%3A1675894334965906283%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675894333350%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675894335%3At%3ADear%20user&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 389
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 08 Feb 2023 22:11:18 GMT
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 08-Feb-2023 22:11:18 GMT
last-modified: Wed, 08-Feb-2023 22:11:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
itcleffaom.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=5305849&uid=f5d93a9e2e0d4bb7a4cced9f48a02945
139.45.197.237200 OK 3.2 kB URL HTTP/2 itcleffaom.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=5305849&uid=f5d93a9e2e0d4bb7a4cced9f48a02945
IP 139.45.197.237:0
Hash 626a912e1a75ed8f8f67b0a1e64809eb
0b333515fefec83d16a15359528a025ba9432049
117c8d7a4bd0dc25f106bc036856fa94f57fc85bb8747a23386be096305114b9
GET /rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=5305849&uid=f5d93a9e2e0d4bb7a4cced9f48a02945 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweepstakessurveytoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:11:18 GMT
content-type: application/javascript
x-trace-id: a8dacc6ee4d2492762530baeb05346fe
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sweepstakessurveytoday.com
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=f5d93a9e2e0d4bb7a4cced9f48a02945; expires=Thu, 08 Feb 2024 22:11:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2869
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 22:11:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2869
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 22:11:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2869
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 22:11:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:25:01 GMT
age: 56778
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KUNhk8O0jpb6OyjCo5RGruuV5633xiM-PBeb6c0BaJI8uFQ7Aflj2g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:53:58 GMT
age: 1041
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iIQAy6CQSvnvQ79UJ6ifJbs-0kEqUYe8OyCqPb2HSKxoDoLykOyaLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:28 GMT
age: 1671
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lXTMw2s8GxQtwjucvNYZeHL-i8ECHbdGThUV5_vn2mKEhArswcO3VA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:09 GMT
age: 1690
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 14:35:48 GMT
age: 27331
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 85922
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sweepstakessurveytoday.com/js/_global-config-sd.72e733ae.js
188.114.96.1200 OK 0 B URL HTTP/2 sweepstakessurveytoday.com/js/_global-config-sd.72e733ae.js
IP 188.114.96.1:0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_global-config-sd.72e733ae.js HTTP/1.1
Host: sweepstakessurveytoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63e3940b-3c4"
last-modified: Wed, 08 Feb 2023 12:22:35 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 5651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG5si%2F%2FNMSyjceSQe7LZjrXJGMMSDCcQX4UHRN3IoIRAmErVmOmkk%2BXj%2BN%2BTa%2FhOjqvj8UNIqXSkfWh5cXovGjDmGvJxflOaO42inaFVv216fdPcUDplv1l%2B6%2B5ZW4iFofj1TFGNt2YQqOFW1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967b342bbe3b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sweepstakessurveytoday.com/sweeps-survey.html?offer_id=112755&geo=NO&oaid=95c5193e172242e4a7f6471e43b4d827&s=647310113258082358&z=5305849&b=14374854&var=&campaignid=5958240&utm_campaign=&utm_medium=5305849&utm_source=zd_5958240&utm_term=14374854&utm_content=zd_public_v2&country=NO&testinapp=4333347&testinapp=4834358&rdk=rk1
188.114.96.1200 OK 0 B URL HTTP/2 sweepstakessurveytoday.com/sweeps-survey.html?offer_id=112755&geo=NO&oaid=95c5193e172242e4a7f6471e43b4d827&s=647310113258082358&z=5305849&b=14374854&var=&campaignid=5958240&utm_campaign=&utm_medium=5305849&utm_source=zd_5958240&utm_term=14374854&utm_content=zd_public_v2&country=NO&testinapp=4333347&testinapp=4834358&rdk=rk1
IP 188.114.96.1:0
Analyzer Verdict Alert quad9 Sinkholed
GET /sweeps-survey.html?offer_id=112755&geo=NO&oaid=95c5193e172242e4a7f6471e43b4d827&s=647310113258082358&z=5305849&b=14374854&var=&campaignid=5958240&utm_campaign=&utm_medium=5305849&utm_source=zd_5958240&utm_term=14374854&utm_content=zd_public_v2&country=NO&testinapp=4333347&testinapp=4834358&rdk=rk1 HTTP/1.1
Host: sweepstakessurveytoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:11:17 GMT
content-type: text/html
last-modified: Wed, 08 Feb 2023 12:22:35 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9Q9UzkW5G4k2T6EpaXiSg88%2BJwqZPthnM%2B0pKvM9mOrKqcrb96l8SS0dBLIWblGTBFghIWkrz7ZK0wICqQ2df3Mta53K%2BIR8MLQJ5cgnxlGGBKZ0TCEJbiP57U%2BR2cYmCfStr%2BsaUNw869V0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967b3420b10b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2